Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who rated this post

IOS + User logon (Always On) + SAML is not working...

L3 Networker

>Founf this in the release note: GPC-6663

The GlobalProtect app for iOS does not support SAML authentication when you configure GlobalProtect with the User-logon (Always On) Connect Method (NetworkGlobalProtectPortals<portal-config>Agent<agent-config>App). This limitation is due to the Apple Network Extension framework, which blocks network connections from the GlobalProtect app (where users are authenticated to their organization’s SAML identity provider) until the VPN tunnel is created. #https://docs.paloaltonetworks.com/globalprotect/4-1/globalprotect-app-release-notes/gp-app-release-i...

 

>In the newer versions 5.1,5.2,5.3 and 6.0 I didn't see information that this issue got fixed, (since it's due to the Apple Network Extension framework, probably it can not be fixed on our side alone?).

 

>Work around found here in this article, please follow the resolution to configure On-demand as Connect Method for IOS devices. #https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000PMfYCAW

 

>Is there any solution to this?

Who rated this post