Add PreLogon to Existing Portal

Showing results for 
Show  only  | Search instead for 
Did you mean: 

Add PreLogon to Existing Portal

L0 Member

Hi Everyone,


Our current setup is a GlobalProtect portal that utilizes SSO via the free Okta service.  This serves our customers as well as our internal staff.


I'd like to switch our internal staff laptops to the prelogon method, so they automatically connect with their AD machine cert, and after they login to their laptop, it passes on their username/password to GlobalProtect.  All while not interrupting the normal SSO/Okta flow for our other users.


The only hitch is, the user workstation logins are on a different domain than the one that's connected to Okta.  So, would I make a new Client Authentication setting?  And where would I place it in the priority list?


I'm assuming then I could make a new agent config, using the certificate device check for the AD domain CA, and assign custom  DNS servers, etc.


Any advice/help is greatly appreciated!




  • 0 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!