I have a question regarding prelogon and 2fa.I have managed to successfully set up a prelogon tunnel and the user tunnel.
Now a 2fa authentication should be set up. I have set up a radius server for this, tested it and so far it works.
The only thing that bothers me is the user login. When the prelogon tunnel is set up and the user logs on to the domain the 2fa code does not work. I would have thought that the GlobalProtect "removes" the 2Auth code at the end and passes the password to the AD. But apparently it isn't or I have configured something wrong? After the Prelogn tunnel is finished, the user tunnel cannot be established, because the 2Auth code is missing and you have to enter your PW again and this time with the 2FA code. Is there a way to do this already at the ad login?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!