GlobalProtect offers a Connect Before Logon (client version 5.2 or higher) option that provides a mechanism for joining MIT's network through the VPN before the typical Windows logon. This ensures that a computer can contact the domain controller for authentication as well as receive group policy. This also provides network connectivity at logon for mapped drives and printers but also can provide network connectivity for other MIT services that typically are only available while connected to MIT's network. This will provide for an overall computing experience that more closely replicates being on-campus.
|Enable Connect Before Logon
If you already have version 5.2 or higher of GlobalProtect and would like to manually enable the Connect Before Logon fuction, please download and add the attached reg file (enableCBL.reg) to your registry. This reg file will enable Connect Before Logon as well as provide the correct settings to allow Duo 2FA to function properly on version 5.2.9 and higher. The contents of the reg file are as shown below:
Once enabled, there will be a network logon button at the Windows logon screen.
|If you need to connect to a particular gateway please see the article on selecting a preferred gateway.