New customer here, currently working my way though configuring the various parts of the firewall...
At the moment, I'm working on User VPN, and I'm finding it difficult to find clear step-by-step documentation. I did manage to make an SSL vpn connection earlier today, but the only traffic I see on the firewall is DNS and a few LDAP connections to the domain controllers specified in my gateway rule.
The administrator guide obviously mentions VPN, but it seems to jump from place to place, and for someone with limited understanding of the various concepts it mentions (e.g. loopback interfaces, tunnel interfaces etc.) its pretty full on.
Can anyone point to some step by step documentation for a newb?
You may follow below mentioned knowledge base article to better understanding and implementation:
GlobalProtect >>>>>> document for initial setup
Troubleshooting GlobalProtect, PAN-OS 4.1 >>>> Document for basic troubleshooting
Hope this helps.
Global Protect has lots of sub-feature and components, every one can deploy it in a different way. hence its not possible to have just simple configuration steps.
All we have is the Tech Note which covers details on every sub-feature and components.
that's the link I followed for setting mine up, I'm currently testing some of the options and stuff but it does a fairly good job of getting you up and running quickly. It's for an older version so some of the options in various steps are on different tabs and stuff but it's not to hard to find them.
And I never could get the certificates working they way that's suggested, I ended up just doing a basic selfsigned cert and using it for GW and portal instead of trying to do a separate root and cert like the documentation suggests.
If something is not working as expected, it is always recommended to contact PAN support ( if you have a valid support entitelement) and get it fixed.
You can refer to Global Protect Administrator's guide apart from the links suggested above. This explains lot of possible ways to configure GlobalProtect like two factor, client-cert authentication, RSA tokens, and more. It also has references to other documents in it. It is pretty big but lot of your doubts should be cleared in this document:
Let us know if you have any specific questions.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!