It is about small task - provide two-factor authentication for 10 employeees with Paloalto NGFW PA-220 for GlobalProtect Portal (web ssl vpn) based on Local User, without AD.
Please, help with wich way is correct : Is it more prefer to use DAG or DAP, or another way?
Because it is no information on Duo-portal:
As I understood that way is with Palo Alto SAML.
Bu i didn’t found information about how it configure with Local User scenario.
And as a second. if it is with DAG scenario. Is correct that DAG no need white ip, only local ip in DMZ like 172.16.20.73?
Who know, who can help me, please?