09-08-2022 03:00 AM
Hi
We have recently deployed SAML authentication on our existing GP environment and this is working fine on most devices. Currently we are in a migration phase, which means only that the gateway is using SAML and the portal is still using on prem AD credentials (not saml). A few users experience the following behaviour: when logging into their PC the client automatically starts and uses the AD crendentials to authenticate to the portal. After the portal login they are redirected to the default browser for saml authentication, but instead of getting the microsoft login page they get a white page with the following text: "Login Successful!" This results in the user not being able to connect to the vpn.
Kind Regards
09-08-2022 01:46 PM
I've seen this in the past when the SSO and SLO URLs were the same thing after being imported with Azure as the SAML provider. Are you possibly using Azure as your SAML provider or someone else?
09-08-2022 11:13 PM
You assume correct, we are using azure as SAML Provider and both the SSO and SLO Urls match. Do you know to what we should change the SLO URL? What I've found so far is: https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0
09-17-2022 03:38 PM
Also see the saml auhententication option and the default browser option as if the browser is set to yes and saml authentication to no then it can cause issues:
https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000oMUmCAM
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
