Is it possible to edit the GlobalProtect download page?
On the page where users are prompted to download the 32bit, 64bit, or Mac version version of GP, I would like to add some instructions for the not so savvy user on which version to select and how to install the client. If there's a better way of doing this I'm open to it. Setting it up via AD is not an option.
I tried it on the Portal login page but my text shows up on the Login page AND the Download page. Would prefer the text to only show up on the Download page.
These commands may help:
set global-protect redirect on
set global-protect redirect location https://vpn.example.com
You're not customizing the download page, you're redirecting to a new webserver where you can do whatever you want (downloads, instructions, etc.)
Looks like amansour is right...
From the 5.0 CLI Guide:
> redirect — GlobalProtect portal configuration > location — Location to fetch GlobalProtect Agent binary file (path: http://host/directory-path) > off — Disables redirect (allows Agent download from GlobalProtect Portal only) > on — Enables hosting GlobalProtect Agent download files on a server other than the GlobalProtect Portal
Exactly which portal page are you referring to? I know you can modify the "Global Protect Login Page" but whatever you place on this page is viewable pre-login. Once you've logged in you are taken to the "global-protect/getsoftwarepage.esp" which is the page I would like to modify.
Yeah, we all wish! Even if you could modify it the box isn't a proxy, it won't re-write. So if you thought you'd put a few internal links there so you could have SSL-ONLY access, you can't.
All you can do after you authenticate is download the VPN clients.
Your best bet is to modify the only page you can which is the initial portal page (the one with the login on it) You can even remove the Login portion and create an instruction page about getting the clients and installing them. Because the only thing you can connect to on the SSL splash page is the links to download the executable, nothing else.
You could also (if your adventurous) create a NAT rule to an internal web-server and create a captive portal screen so you'd modify whatever you like, login, the site they access after login. Only problem is you would have the same user to IP mapping if 2 users came over the same NAT device publicly.
I've tried modifying the portal login page. The PAN automatically inserts the html code to call for the "<pan_form/>" at the end - the login username/password still appears. Hopeless.
Nah, it's not hopeless. There is a way around that...just display the page source once you render it, and then copy and past the source output HTML. Make sure you remove the PAN form variable.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!