- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
05-15-2024 10:54 AM
After migrating to PA-1410 from a PA-3200, the Duo 2-FA challenge message stopped showing up on the GP portal page after the initial AD credentials authentication. The functionality is working fine as the textbox for the 2-FA options shows up and proceeds as usual after the user's input, its just that the Duo login banner text that should show up to the user is missing on the page.
The message text should show up as:
" Duo two-factor login for USER
Enter a passcode or select one of the following options:
1. Duo Push to XXX-XXX-XXXX
2. SMS passcodes to XXX-XXX-XXXX
Passcode or option (1-2): "
This behavior is only occurring in the GP web portal page (in order to download the GP client), other login pages using the same 2-FA sequence and profile (i.e. Admin UI, GP client) display the login message correctly with no issues.
I checked the authd.log for differences in logs between the GP portal attempts and the Admin web UI attempts and both are fairly similar, and I am able to see the challenge RADIUS requests and responses (including the banner message received by the firewall)
Did anyone experience a similar issue while using Duo/other 2-FA solutions before?
05-22-2024 01:58 PM
Running into similar issue. Can any one help or suggest what could be the issue here?
05-24-2024 09:23 AM
Can somebody confirm if this is similar to what we are running into here?
PAN-OS 11.0.4 Addressed Issues: PAN-213011
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!