The following workflows describe how to set up the GlobalProtect
portal and gateways to use an external authentication service. The
supported authentication services are LDAP, Kerberos, RADIUS, SAML,
These workflows also describe how to create an optional
that a portal or gateway can use to identify the
external authentication service. This step is optional for external
authentication because the authentication profile also can specify
the local authentication database or None.
GlobalProtect also supports local authentication. To use
local authentication, create a local user database (
Local User Database
) that contains
the users and groups to which you want to allow VPN access and then refer
to that database in the authentication profile.