11-19-2018 04:39 AM
Hi
i have installed Palo Alto Globalprotect and use duo push for my users, this works great - user authenticate trough windows (username/pass) and verify w/duo push on smartphones.
But now there are some users that dont have smartphones and maybe dont have phones. I tried to add yubikey hardware tokens and U2F but i dont seem to get how this should/could co-exist with the current configuration. That is working.
Is there a easier way to do this, with users that dont have the possiblity to use phones - just authenticate w/yubikey hw token/u2f device.
Thank you for info related to this matter.
10-23-2020 03:14 PM
10-26-2020 11:15 AM
Yes, the Authentication Proxy service must be restarted after a change to authproxy.cfg. The down time should be less than five minutes (more like 2-3) while the service cycles. That does impact authentications as it can’t respond to incoming requests while the service restarts.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide