There is nothing under Device -> Multi Factor Authentication on my 820. The issue must lie with either the Duo Proxy config file (the only thing I can think of is the radius_ip is set to my management interface and not the public IP for the GlobalProtect Gateway) OR the RADIUS server profile that I set up for Palo Alto must be incorrect. I'm unable to authenticate at all with either Windows credentials or the local database. I've configured a RADIUS server inside of my network - however it doesn't appear to do anything. Network-> Gateways -> GlobalProtect Gateway is set to the new Authentication profile listed above. Device -> Authentication Profile is created and set to the RADIUS server profile above. Device -> RADIUS is configured for PAP with my secret key Palo config is set up according to Duo's documentation. Require MFA is set to a AD group that I am syncing to Duo for user registration. I have the Application "Palo Alto SSL VPN" enabled on my Duo portal. I can't seem to get it to work, so I'm hoping to be able to get some insight here to better protect my network.Ĭurrently my users authenticate via an Authentication Profile that is linked with the Local User Database, using a static password that I set up for them. I'm attempting to implement MFA on my Palo 820 for my remote GlobalProtect users, utilizing Duo. PANW - Press Releases & Public Statements.We are not officially supported by Palo Alto networks, or any of it's employees, however all are welcome to join and help each other on a journey to a more secure tomorrow.ĭo you have support related questions? Check the Support Site Company Information
This subredditt is for those that administer, support, or want to learn more about Palo Alto Networks firewalls.
0 kommentar(er)
