Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Who Me Too'd this topic

Global Protect Pre-Logon followed by SAML SSO

L1 Bithead

Hi Guys,


I have implemented global protect with pre-logon (device certificate) followed by user logon using SAML (Azure AD as SAML IDP)

When global protect client initiate the user authentication below windows security pop up asking to confirm the certificate.


After confirming the certificate it connects fine and every time user reboot same pop up box comes up, if I replace the SAML auth with LDAP auth, I don't get any pops for certificate and everything works fine.


I have client certificate profile (internal Root and Intermediate CA) attached to client profile in each scenario ( LDAP auth vs SAML)

Also note that pre-logon works fine on each scenario and I can see before login to the machine globalprotect shows connected.


Has anyone come across this or similar issue?





Who Me Too'd this topic