We recently installed Palo Alto firewalls (3000 series) and are currently working on our VPN configurations.
We have multiple 3rd party credential providers including drive encryption and Windows single sign on. One of the selling points was the ability to have SSO VPN and full tunneling of the traffic on our laptops while off site.
We have been unable to make this work with any of the other credential providers installed on the laptops. The available documentation suggests wrapping the PAN credentials using a registry edit but this breaks the Windows SSO and does not fix the PAN GP SSO. To be fair a stock domain laptop running Windows 7 or 8 does work with PAN GP SSO. Unfortunately that is not an option for us.
PAN OS versions: 7.0.11, 7.0.12, 7.0.13, 7.1.6, 7.1.7
GP Client versions: 3.1.13, 3.1.14, 3.1.15
Windows OS versions: 7, 8, 10
What have people been doing with multiple third party credential providers and using PAN GP SSOs?
Sorry I didn't provide the link support keeps giving me:
We have tried this as mentioned above but it doesn't allow it to work.