GlobalProtect VPN settings

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GlobalProtect VPN settings

L2 Linker

Hello

 

I discover GP so I'm sorry, in advance, if my questions are stupide.

 

Q1 : How I can force my users to enter their credentials (OnPrem AD or Azure AD depending the auth profile configured) when they start GP protect ? I don't want to use SSO and I want that my user enter their credential each time that they want to start the VPN connexion.

 

Q2 : Is-it possible to configure the GP client with the Gateway server by default (without the possibilty to remove it by user or to add another one) ? The objective is when I deploy the client on the computer via SCCM or when user open a session on the portal to download the vpn client, the client is already "pre-configured" with our settings and user does not have to enter gateway information, just click "connect".... 🙂

 

BR 

 

 

6 REPLIES 6

L2 Linker

Hello

 

No update?

 

BR

Cyber Elite
Cyber Elite

Hi @jeromecarrier ,

 

1.  If you change Save User Credentials to No under Network > GlobalProtect > Portals > [edit] > Agent > Configs > [edit] > Authentication, the user will have to enter their username and password every time.

2.  If you set "Allow User to Change Portal Address" to No under App in the same agent client config, then the user will not be able to change the portal address.  Note that this document -> https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-web-interface-help/globalprotect/network-globalp... says that you "must supply the default portal address in the Windows registry or Mac plist".

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.

Hello

I have not found the option to force to enter user credentials each time in  Network > GlobalProtect > Portals > [edit] > Agent > Configs > [edit] > Authentication... 😞

Cyber Elite
Cyber Elite

Hi @jeromecarrier ,

 

As mentioned above, change "Save User Credentials" to No.  Please see the pic below.

 

TomYoung_0-1669135615823.png

 

You may also want to verify that "Use Single Sign-On" is disabled for Windows and MacOS under the App tab.

 

TomYoung_2-1669135844657.png

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!