Globalprotect Mobile - no cert found

Announcements
Attention: The LIVEcommunity is experiencing an interruption with videos in some areas. We apologize for any inconvenience this may cause. Thank you for your patience as we work towards a solution to restore videos.
Reply
Highlighted
L3 Networker

Globalprotect Mobile - no cert found

I've seen post like Re: IOS Global Protect APP - Required Client Certificate is not found but the fix was to manually import certificate to phone..How do I make my GP on droid to auto-download cert and connect ? I have same problem on Windows PC , manual cert import make the client working

gp mobile2.jpg

Tags (3)

Accepted Solutions
Highlighted
L2 Linker

Re: Globalprotect Mobile - no cert found

Other alternative is to configure a pre-shared secret based authentication method. Either way you will need to use some kind of authentication method.

Same document, please refer to page 8-9

Configuring a Pre-Shared Secret on the GlobalProtect Gateway

1. On the GlobalProtect Gateway, navigate to Network > GlobalProtect > Gateways and create a new Gateway configuration or modify an existing Gateway.

2. From the General tab, enable Tunnel Mode and then select Enable IPSec and Enable X-Auth Support.

3. Enter a Group Name.

4. Enter and confirm the Group Password.

5. Click Ok and then commit the configuration.

Configuring a Pre-Shared Secret on the Android Device

1. On the Android device, open Settings > Wireless and networks > More > VPN.

2. Click Add VPN network.

3. Enter a descriptive name for the profile in the Name field.

4. In the Type drop-down, select IPSec Xauth PSK as the type.

5. In the Server address field, enter the address of the GlobalProtect Gateway.

6. Enter the group name configured previously in the IPSec identifier field.

7. Enter the group password in the IPsec pre-shared key field.

8. Save the configuration.

9. To establish a VPN, go to Settings > Wireless and networks > VPN and select the new VPN profile.

10. Click Connect and you will be prompted for your username and password. Once authenticated, the VPN will be

established.

View solution in original post


All Replies
Highlighted
L2 Linker

Re: Globalprotect Mobile - no cert found

Hello Niuk,

For certificate based auth using droid phone, you must manually export and import the certificates.

Please refer to this document GlobalProtect Configuration for the IPSec Client on Android Devices Page 5

Hope this helps.

Highlighted
L3 Networker

Re: Globalprotect Mobile - no cert found

What is my option if i don't want certificate based authentication , how do I setup whole thing  so phone doesn't need certificate (credentials only)?

Highlighted
L2 Linker

Re: Globalprotect Mobile - no cert found

Other alternative is to configure a pre-shared secret based authentication method. Either way you will need to use some kind of authentication method.

Same document, please refer to page 8-9

Configuring a Pre-Shared Secret on the GlobalProtect Gateway

1. On the GlobalProtect Gateway, navigate to Network > GlobalProtect > Gateways and create a new Gateway configuration or modify an existing Gateway.

2. From the General tab, enable Tunnel Mode and then select Enable IPSec and Enable X-Auth Support.

3. Enter a Group Name.

4. Enter and confirm the Group Password.

5. Click Ok and then commit the configuration.

Configuring a Pre-Shared Secret on the Android Device

1. On the Android device, open Settings > Wireless and networks > More > VPN.

2. Click Add VPN network.

3. Enter a descriptive name for the profile in the Name field.

4. In the Type drop-down, select IPSec Xauth PSK as the type.

5. In the Server address field, enter the address of the GlobalProtect Gateway.

6. Enter the group name configured previously in the IPSec identifier field.

7. Enter the group password in the IPsec pre-shared key field.

8. Save the configuration.

9. To establish a VPN, go to Settings > Wireless and networks > VPN and select the new VPN profile.

10. Click Connect and you will be prompted for your username and password. Once authenticated, the VPN will be

established.

View solution in original post

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!