is there any good alternatives out there for connecting linux and android clients to global connect\PA native IPsec vpn ??
And I DO NOT mean that native cisco is OK, the encryption used here has been broken for several years,and are not designed for either linux or android, and in many cases it does not function well
yes this seems very strange to as well, linux are an important part of many back bone and end users OS systems (i have been told that PA is built on centos linux distr for example) and there are estimates ranging between 25 and 50 mil linux users worldwide. For android I have seens estimates ranging from 40 - 60% of the global smartphone market, wich is double the number of iphone users, yet there is a iphone client from PA.
To me it just does not make sense. I have seen in several discussions here that these clients have been placed on the roadmap for PA development, but not for long yet it seems..
Is palo alto really satisfied with leaving this many users without a good and supported native solution ???
So are people successfully using the cisco anyconnect client for remote linux desktop laptop Cisco AnyConnect VPN Client Administrator Guide, Version 2.0 - Common AnyConnect VPN Client Installa... ?
I'm thinking of testing it for Mac and windows as well. I have been disappointed with the inability to easily prevent the GP agent from running at startup on Mac and windows... and the inability to make the agent process quit.
You can connect a linux client (using vpnc) to GlobalProtect as long as you've enabled tunnel mode and allow x-auth.
For Android, if you have purchased the portal license you can use the native Android GlobalProtect client (I use it myself on my Galaxy S3). Even if you don't have the license you can use the native VPN function on Android and iOS, as long as you have it set up with x-auth as above.
If you do have the paid license, you can find the app in the Play Store: https://play.google.com/store/apps/details?id=com.paloaltonetworks.globalprotect
iOS version is here: https://itunes.apple.com/us/app/globalprotect/id592489989?mt=8
Here's a doc talking about how to enable x-auth and get vpnc to connect:
Hope this helps!
edit: had the wrong link to the discussion before - sorry about that!
Greg... this is good. I have been able to easily get linux, ios and Mac OSX to connect using tunnel mode and Xauth. Native clients!!:smileyhappy:
Now Windows is the sticking point. Any ideas on how to avoid having to install the PA GP client on Windows. We are experimanting with Windows settings in the native client, with no luck so far.
hmm. apparently it will be difficult if not impossible to get the windows native client to play nice with Ipsec / Xauth (especially with psk). This juniper tech note explains..
yes I have also found anothwer app vpncilla that connects fine, and I think it is sad that their android client is restricted to portal license users, a lot of users, like my company uses global protect, witout having or need ing the rather expensive portal license.
andnothing good for linux wich is my main problem, native cisco with x auth does not work so good, and it uses broken security encryption.
besides palo alto does not support this, saying its not their native solution like global protect client for windows or ios.
like I said it have been on their roadmap for years and I am surprised, that we havent seen it yet
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!