Coming soon - Get a detailed view of why an account is flagged as spam!
view details

This post has been de-listed

It is no longer included in search results and normal feeds (front page, hot posts, subreddit posts, etc). It remains visible only via the author's post history.

2
PA-3260's Management MFA
Post Flair (click to view more posts with a particular flair)
Question
Post Body

So I'm running two PaloAlto's in HA.. And we've been using Local authentication for years at this point for administration. We just setup MFA using Fortiauthenticator (Ugh I know, but it works as a regular Radius)

So now I'm looking into securing the management with MFA.

From my understanding I just go to Device->Management-> Authentication Settings -> Authentication Profile -> (select the profile where it's limited to just a few users)

Then presumably management would be done via MFA? But in case things don't work right.. Would the local authentications still work? I have yet to find a clear documentation on this.. Other then you can't select a authentication sequence it has to be a specific profile.

Author
Account Strength
100%
Account Age
6 years
Verified Email
Yes
Verified Flair
No
Total Karma
8,235
Link Karma
565
Comment Karma
7,560
Profile updated: 3 days ago
Posts updated: 2 months ago
jkw118

Subreddit

r/paloaltonetworks

Post Details

We try to extract some basic information from the post title. This is not always successful or accurate, please use your best judgement and compare these values to the post title and body for confirmation.
Posted
3 years ago
Reddit URL
View post on reddit.com
External URL
reddit.com/r/paloaltonet...