External Authentication
—User authentication functions
are performed by external
LDAP,
Kerberos,
TACACS+,
SAML, or
RADIUSservices
(including support for two-factor, token-based authentication mechanisms,
such as one-time password (OTP) authentication). To
Set Up External Authenticationyou must
create a server profile with settings for access to the external
authentication service, create an authentication profile that refers
to the server profile, and specify client authentication in the
portal and gateway configurations and optionally specify the OS
of the endpoint that will use these settings. You can use different
authentication profiles for each GlobalProtect component.