Shibb for Global Protect VPN?
Nathan Dors
dors at uw.edu
Thu Jan 21 20:04:33 UTC 2021
UWash uses F5 VPN configured to use SAML to integrate with our Shibboleth
IdP.
The F5 BIG-IP Edge client applications use embedded browsers, and work well
enough with our IdP's sign-in page (below), including Duo prompt (not
pictured below).
Our end user information is here:
https://itconnect.uw.edu/connect/uw-networks/about-husky-onnet/
-Nathan
[image: Screen Shot 2021-01-21 at 11.58.42 AM.png]
On Thu, Jan 21, 2021 at 11:43 AM IAM David Bantz <dabantz at alaska.edu> wrote:
> UAlaska has deployed VPN access using Global Protect. If I understand
> correctly, VPNs are (or can be) initiated in a web portal. If so, seems one
> could protect that web page with Shibb and thus have a valid SSO session
> immediately upon establishment of VPN connection (at least if IP address
> consistency is not enforced). I’ve been asked about that scenario by alert
> users. Has anyone tried that and willing to share experience? Or perhaps
> disabuse me of its feasibility?
>
> David St. Pierre Bant
> UAlaska IAM
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210121/963c2e02/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2021-01-21 at 11.58.42 AM.png
Type: image/png
Size: 578251 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20210121/963c2e02/attachment-0001.png>
More information about the users
mailing list