Clientless VPN portal and SAML SSO and Application SSO

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Clientless VPN portal and SAML SSO and Application SSO

L0 Member

Hi there, I wanted to check that possibly what I'm trying isn't actually going to work. Had a look around at people with simular issues on LDAP, but I thought using SAML would solve this ... but not!

 

What I'm trying to achieve here is SSO into the VPN portal and then into any applications that use the same SSO method (the method we are using is SAML via Microsoft Entra (365).

 

I have SAML SSO working as an auth profile for the Global Protect Portal... works perfectly. I have Applications (Guacamole, One Drive) that can be accessed via the VPN portal.. but the first time I access one of these I'm prompted again for My Microsoft sign in. If I then use any other Microsoft SSO app I'm not prompted.

 

Is this expected as there is no link between the outside "session" and the sessions inside the portal?.. Is this possible to achieve (no double login)?

 

Thanks in advance.

2 REPLIES 2

Cyber Elite
Cyber Elite

It depends on Microsoft Entra settings.

 

In DUO SAML for example it is possible to configure if every application needs to be accepted with 2FA or any of them.

 

Raido_Rattameister_0-1705517453954.png

 

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

L0 Member

Hi,

 

Did you find working solution for this kind of integration with SAML. I was able to create SAML for for Global Protect Portal and Clientless VPN. And now I want to create something similar with internal published application Guacamole with SAML, but is this possible at all, from the perspective of first SAML session of the login to GP Portal, then further use for internal published application?

 

Regards,

Matjaž

  • 1014 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!