User gets connected to newly deployed GP Portal without credential prompt

User gets connected to newly deployed GP Portal without credential prompt

4313
Created On 03/24/21 08:24 AM - Last Modified 06/07/24 21:12 PM


Symptom


  • Client is connected to Portal GP1:
User-added image
 
  • Portal is switched to GP2, the same user is able to connect to GP2 without being prompted for password:
     
User-added image

Environment


  • Palo Alto Firewalls
  • Supported PAN-OS
  • GlobalProtect (GP) Portal with similar authentication settings
  • Save User Credentials is checked in GP portal configuration.

Cause


  • The new portal configuration does not take effect until it is connected successfully.
  • The Portal connection is just switched from A to B, before connected to B and so the GP app still uses portal A's cached config. 

Resolution


  1. Set "Save User Credentials" to "No" or "Save Username Only"
  2. Now the  user is prompted for credentials when switching the portal.
GUI: Network > GlobalProtect > Portals > (portal name) > Agent > (agent name) > Authentication  
Portal Agent Settings
 
 
 
 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001UvICAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language