06-28-2024 09:26 AM
Hello All,
We currently only require Password or certificate when using global protect. We already have device certificates deployed using PKI on our domain computers.
My question is where do I apply this policy for testing? I notice under client authentication you can have multiple profiles that require password and/or password authentication but how do I link this to a user group for testing? is this even the right place.
Thanks
07-02-2024 08:32 AM
Hi @MNoble ,
Portals -> Your Portal -> Authentication is where you can create a client auth profile specifying your 2FA. To link user groups for testing, you can go to Device -> User Identification -> Group Mapping Settings. This is where you can create a Group Mapping Profile to include the user groups you want to test with. You'll need a LDAP server profile if you don't have one created already...
Once that is setup and the proper groups have shown up and are selected, head back to GP Portal config settings and add the Group Mapping profile (GP -> Portal -> Your Portal -> Agent Config -> Config Selection Criteria -> User/User Group) you previously created.
Hope this helps!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
