Some of the apps in my Access configuration have a policy “Gateway”
This used to work for authenticated access via WARP logged in via Zero Trust. The selector was “Gateway” and the Value was “Gateway”.
However it seems this has changed because the selector Gateway doesn’t exist anymore and the policy no longer works - if I am using WARP logged in via Zero Trust the app asks for credentials (as per other policies).
Is there a way to configure an application policy to allow me access without credentials request while logged via WARP Zero Trust?
Other working policies include static IP address, Azure AD and emails. But the WARP access would make things much easier.
No comments or experience from anyone else?
That’s an awesome use case, but I just don’t go deep in Zero Trust.
I’ll throw this in the Escalation queue, as it should be an easy question to answer without having to go through the ticket process.
It sounds like this now requires a Device Posture setting.
Do you have the WARP Device Posture method added in Settings > WARP Client?
Good to know, I will have to play with it then.
The next question would be “Does any device using WARP would have access to this service or only devices using WARP while logged into this network?”
The way I understand posture it’s a requirement more than an authentication.
WARP Device Posture → Consumer WARP.
Gateway Device Posture → WARP for Teams, enrolled into your Zero Trust organisation.
Thank you all for your comments. For the record:
- Updated Settings | WARP Client | WARP Client Checks and added “Gateway”
- Created Access Group “Gateway” with Group Configuration Selector “Gateway” and Value “Gateway”
- Added Application Policy “Service Auth” and assigned to the “Gateway” group
This works as intended.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.