- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
The issue we are having is with Connect BEFORE Logon. With GlobalProtect 5.2.8, the browser window appears to be stuck between Azure AD and Duo MFA. We see the Azure AD credentials authenticate succesfully and the Microsoft prompt goes away (so that must be working), and we briefly see the Duo MFA Universal Prompt attempt to open, but it flashes on the screen for a second and then the GP window just shows a blank window. In the logs, the last thing we see GP do is open two Duo web service URLs. Then nothing until we cancel GlobalProtect. NOTE: I just tried 5.2.9 and it actually gets stuck earlier in the process, just after the user enters their Azure AD password. It just hands on the "enter password" screen like it never gets back a "succesful". In the 5.2.9 logs, i see the URL for the Azure AD login page, with the word BLOCK in front of it. Does that make any sense?
Any suggestions on how to troubleshoot this? Is it the cookies maybe?