Automate GlobalProtect VPN connection

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Automate GlobalProtect VPN connection

L1 Bithead

Hi All,

 

 

 

We are trying to automate connections using the GlobalProtect VPN with a batch script. There's a way to accomplish it?

 

I've tried to use the PanGPA.exe in "C:\Program Files\Palo Alto Networks\GlobalProtect\" without success.

 

Any kind of help would be greatly appreciated.

 

Kind Regards,

FRG

9 REPLIES 9

L6 Presenter

Hi...The GP client can be configured to automatically discover the closest GP gateway and connect to the gateway.  It is one of the features of Global Protect.  Is that what you're looking for?

Thanks for the reply @rmonvon, what I need is a way to automate the connection/disconnection without human intervention.

 

My goal is to create a scheduler task that periodically monitors a network, and I have to connect via a GlobalProtect VPN client.

 

It's even possible ?

You can set up the GlobalProtect VPN client to connect automatically whenever connectivity is available without human intervention.  The VPN connection would remain active & connected though.

 

If you want the VPN to connect when there is certain traffic present (i.e. traffic to 10.10.10.x/24) , you will need to use site-2-site VPN which requires a PA firewall on both ends.    

Could you not use the pre-logon?

Yes, we can use pre-logon but FRG would still need to decide if alway-on mode is acceptable.

Thank you both for the Info.

 

I need to open & close the connection every 10 minutes because in the Scheduled Tasks are 3 other VPNs.

 

The script execute something like this:

 

Start ScheduledTask:
  Open VPN1
      Execute N Scripts
  Close VPN1

 

Open VPNGlobalProtect
      Execute N Scripts
  Close VPNGlobalProtect

 

  Open VPN3
      Execute N Scripts
  Close VPN3

Finish ScheduledTask

 

So, I think  alway-on mode it's not an option.

Couldn't you just modify the scrpit and leave out the portions of opening and closing the VPN connections? I'm not sure what your scripts are doing but I don't see a reason to need the VPN to close after a script unless you're trying to limit the amount of traffic through the VPN. 

 

Hi,

 

Currently I have 3 different VPN from 3 clients, every X minutes the scheduled task start a script that open and close every one of these VPNs.

 

For example, in one VPN I use this method to automate the connection:

 

https://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/rasdial.mspx?mfr=tru...

 

Thanks for the time 

 

Cumbersome setup if you ask me.

 

Maybe better alternative:

Keep client connected to Globalprotect VPN.

On firewall make site-to-site connections to the other VPN's.

Routing can take care of the rest.

 

I guess that would work far more reliable too...

  • 6767 Views
  • 9 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!