cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6081
Views
2
Helpful
2
Replies

Palo Alto GlobalProtect and Duo yubikey

johnny3
Beginner
Beginner

Hi

i have installed Palo Alto Globalprotect and use duo push for my users, this works great - user authenticate trough windows (username/pass) and verify w/duo push on smartphones.

But now there are some users that dont have smartphones and maybe dont have phones. I tried to add yubikey hardware tokens and U2F but i dont seem to get how this should/could co-exist with the current configuration. That is working.

Is there a easier way to do this, with users that dont have the possiblity to use phones - just authenticate w/yubikey hw token/u2f device.

Thank you for info related to this matter.

2 Replies 2

tuantran1
Beginner
Beginner

Yes, the Authentication Proxy service must be restarted after a change to authproxy.cfg. The down time should be less than five minutes (more like 2-3) while the service cycles. That does impact authentications as it can’t respond to incoming requests while the service restarts.

Duo, not DUO.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links