GlobalProtect is the name of the virtual private network (VPN) provided by the Palo Alto Networks firewalls. Are you going to work remotely for a company that requires you to use this VPN? Here’s how to install the necessary software and connect on openSUSE Leap and Tumbleweed and also on Linux Kamarada (a novel Linux distro based on openSUSE Leap).
- Linux Cisco Anyconnect Vpn
- Cisco Anyconnect Vpn Client Linux Certificate
- Cisco Anyconnect Vpn For Linux
VPNs are used by organizations (such as companies and universities) to allow people (employees and students) to remotely connect to their networks. A VPN provides an encrypted connection (a tunnel) between your home computer and the organization network. If you want to know more about VPNs, read the beginning of this post:
On that occasion, we talked about OpenVPN, another VPN technology.
This is a widely used and popular VPN server within enterprises and if you’re a Linux user who need help installing and using AnyConnect, this brief tutorial is going to show you how It shows you how to download and install AnyConnect using Ubuntu 18.04 or 16.04 desktop computers. Linux Red Hat 6, 7, 8.1 & Ubuntu 16.04 (LTS), 18.04 (LTS), and 20.04 (LTS) Additional Information To retrieve important information, such as download links, configuration details, codes/serial numbers, and installation instructions, login to our website, and click on Order History. The Cisco AnyConnect VPN Client is desktop software that secures traffic between your computer and restricted campus services. With the Cisco AnyConnect VPN Client software running in the background, network traffic is automatically routed and encrypted using Datagram Transport Layer Security (DTLS) over SSL or Transport Layer Security (TLS). What is SSL VPN? SSL VPN is a client application used to connect to the VPN. This is an application, which gets installed on the computer. This client has support for 64bit systems. This is also known as the AnyConnect client.
Today, we are going to talk about GlobalProtect.
Linux users have two options for connecting to GlobalProtect VPNs:
- the OpenConnect client, which is a free software, thus provided by the Linux distributions themselves; or
- the official (proprietary) GlobalProtect client, provided by Palo Alto Networks.
I advance that I was not able to make the official client work on openSUSE. So, I mention it here just to let you know that it exists.
Option #1: OpenConnect client
OpenConnect is a VPN client initially created to support Cisco’s AnyConnect VPN. It has since been ported to support the Pulse Connect Secure VPN and the PAN GlobalProtect VPN. Support for the latter came with version 8.00, released on January 4, 2019.
Installation
openSUSE Tumbleweed, the rolling release version of openSUSE, has OpenConnect version 8.05 available on its official repositories. If you use this distribution, to install OpenConnect, you just need to run:
openSUSE Leap 15.1, the (traditional) regular release version of openSUSE, offers OpenConnect version 7.08 on its official repositories.
That is the same version that comes installed out-of-the-box on Linux Kamarada 15.1.
If you are an user of either of these distros, you need to update OpenConnect to version 8.05, which can be retrieved from the network repository. To do this, first add the network repo:
Then, install the OpenConnect package (explicitly stating that you want to download it from the network repo):
Up-to-date OpenConnect installed, everyone on the same page, let’s see how to use it.
Connection
To connect to a GlobalProtect VPN, have the following information ready:
- GlobalProtect server, you need either its IP address or its full qualified domain name (FQDN);
- user name (login); and
- user password.
If you don’t know them, ask your organization’s network administrator or IT staff.
Open a terminal window (reserve a terminal window just for connecting) and run the following command, making the appropriate replacements:
Type the administrator (root user) password and hit Enter:
Then, when prompted, enter your user password to access the VPN:
Connection is established and the IP address you obtained from the VPN is informed:
In this example, 10.22.4.171
.
The OpenConnect command does not end immediately. Instead, it runs indefinitely. You remain connected to the VPN as long as you keep that program running (that’s why I advised to reserve a terminal window just for it).
During this time, you can access the organization’s internal systems from your home computer as if you were there (phisically speaking). Protection for mac computers.
When you no longer need the VPN and want to disconnect, press Ctrl + C to stop OpenConnect (and close the connection):
Option #2: GlobalProtect official client
Palo Alto Networks provides a GlobalProtect app for Linux in two versions: a command line interface (CLI) version and a graphical user interface (GUI) version. Ideally, the package or installer should be provided to you by the organization’s network administrator or IT staff.
Unfortunately, there are organizations that do not support Linux. Searching the Internet, I found a link to download the GlobalProtect app on this page of the Kansas State University:
Linux Cisco Anyconnect Vpn
Also unfortunately, I was unable to make it work on Linux Kamarada 15.1, neither the CLI version, nor the GUI version. The GlobalProtect compatibility matrix shows that the Linux distributions officially supported by Palo Alto Networks are CentOS, Red Hat Enterprise Linux (RHEL) and Ubuntu. openSUSE distributions are not officially supported.
Cisco Anyconnect Vpn Client Linux Certificate
References
Cisco Anyconnect Vpn For Linux
- Como se conectar a uma VPN Global Protector no Linux - Blog do Edivaldo (in Portuguese)
- Openconnect - Conexão de VPN Paloalto no Debian - Artigo - Viva o Linux (in Portuguese)