This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
For details on cookie usage on our site, read our Privacy Policy
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
About Garrett_Heidorn
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- LIVEcommunity
- About Garrett_Heidorn
07-03-2022
2Posts
0Likes
0Solutions
Jul 03, 2022Last Visited
User
Activity
User
Profile
Latest posts by Garrett_Heidorn
| Subject | Views | Posted |
|---|---|---|
| 700 | 04-22-2022 07:42 PM | |
| 330 | 04-22-2022 05:24 PM |
User Badges
Community Statistics
| Member Since | 04-08-2022 09:58 AM |
| Date Last Visited | 07-03-2022 09:56 AM |
| Posts | 2 |
04-22-2022
07:42 PM
The script that I have seen is: /quiet /norestart PORTAL=gp.site.com CONNECTMETHOD=pre-logon USESSO=yes
... View more
04-22-2022
05:24 PM
I am trying to a set up an implementation of pre-logon, then SAML w/ Client Certificates. Utilizing a machine certificate I can configure how I want with no issues, but using only a client (user) certificate, pre-logon doesn't work, which is expected since the certificate is not in the computer's personal store, but the user's. In order to combat this, I've attempted to set up the following: Portal agents: Pre-logon pre-logon group Accept auth cookies LoggedOn any group Generate auth cookies Authentication Profile: SAML Certificate profile: InternalCAProf Gateway clients: Pre-logon pre-logon group Accept auth cookies LoggedOn any group Generate auth cookies Authentication Profile: SAML Certificate profile: InternalCAProf As shown, I want the user to authenticate with the portal/gateway the first time utilizing SAML, a cookie should be generated, then the cookie should be accepted for pre-logon only. PAN OS 10.2.0 (Lab environment here) Does anyone know if this implementation is possible?
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
07-03-2022
09:56 AM
|
LEGAL NOTICES
Copyright 2007 - 2022 - Palo Alto Networks