Shibb for Global Protect VPN?
makst at upenn.edu
Thu Jan 21 20:43:13 UTC 2021
We found that we couldn't use ShibSP, but the GlobalProtect server could be configured for SAML using its own built-in SAML implementation and internal browser (that is not great)
From: users <users-bounces at shibboleth.net> on behalf of IAM David Bantz <dabantz at alaska.edu>
Reply-To: Shib Users <Users at shibboleth.net>
Date: Thursday, January 21, 2021 at 14:42
To: "Users at shibboleth.net" <Users at shibboleth.net>
Subject: Shibb for Global Protect VPN?
UAlaska has deployed VPN access using Global Protect. If I understand correctly, VPNs are (or can be) initiated in a web portal. If so, seems one could protect that web page with Shibb and thus have a valid SSO session immediately upon establishment of VPN connection (at least if IP address consistency is not enforced). I’ve been asked about that scenario by alert users. Has anyone tried that and willing to share experience? Or perhaps disabuse me of its feasibility?
David St. Pierre Bant
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users