Remote Access VPN - Strongswan client to PA GP Gateway

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

Remote Access VPN - Strongswan client to PA GP Gateway

L0 Member

Is it possible to access a GlobalProtect gateway using the strongswan client on Ubuntu 16.04 LTS? I am trying to use ikev2 and use certificate authentication.  PA guidance suggests it is possible using Ubuntu 14 and PAN-OS7 but I can see no guidance for later versions. 



Cyber Elite
Cyber Elite


Any particular reason why you are using the StrongSwan client instead of the actual GlobalProtect Linux agent? The current documentation for strongSwan configuration hasn't been updated or validated since 7.0, but the setup process should be exactly the same and the documentation worked the last time I had to set it up.

I would try setting this up with IKEv1 to begin with just to verify that you have the process working, and then move on to attempt to get IKEv2 working correctly. 

Thanks, the reason for not using the GlobalProtect client is that we are using a secure build supplied to us from a third party which doesn't allow for the installation of additional applications.  There is a licensing issue which stops them being able to package the GP client and adding it to our build.  I have tried ikev1 with no success which I was putting down to the guidance being so dated but I will look at it again to ensure I have captured all of the steps

  • 2 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!