GlobalProtect for Arch Linux

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

GlobalProtect for Arch Linux

L1 Bithead

Hi, I want to use global protect in Arch linux. I looked for the setup file at link which only exist with .deb and .rpm 
anyone Know how could I make this possible for arch Linux

2 accepted solutions

Accepted Solutions

You can install the official one, I've done it several times on Arch both in my lab and with my corporate issued machine. 

Extract the tgz file from the support portal.

Locate the GlobalProtect_UI_tar-X.Y.Z.tgz within that directory and extract it.

Go to the extracted directory, execute sudo ./install.sh

It should install without issue

 

Also if using SAML auth you have to add the default browser config, or it will fail when passing the SAML prompts with the system rendering engine. 

To fix this edit /opt/paloaltonetworks/globalprotect/pangps.xml with sudo or root permissions.

<?xml version="1.0" encoding="UTF-8"?>
<GlobalProtect>
       <Settings>
               <can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid> 
               <default-browser>yes</default-browser>

Note: can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid is required if you use *.gpcloudservice.com for your Prisma portal, otherwise you shouldn't set this option.


View solution in original post

4 REPLIES 4

Hi, @lidewu Thanks!
As I want to use this in a organisation is it safe as per the organisation

 

You can install the official one, I've done it several times on Arch both in my lab and with my corporate issued machine. 

Extract the tgz file from the support portal.

Locate the GlobalProtect_UI_tar-X.Y.Z.tgz within that directory and extract it.

Go to the extracted directory, execute sudo ./install.sh

It should install without issue

 

Also if using SAML auth you have to add the default browser config, or it will fail when passing the SAML prompts with the system rendering engine. 

To fix this edit /opt/paloaltonetworks/globalprotect/pangps.xml with sudo or root permissions.

<?xml version="1.0" encoding="UTF-8"?>
<GlobalProtect>
       <Settings>
               <can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid> 
               <default-browser>yes</default-browser>

Note: can-continue-if-portal-cert-invalid>yes</can-continue-if-portal-cert-invalid is required if you use *.gpcloudservice.com for your Prisma portal, otherwise you shouldn't set this option.


Hi @jfarm, Thanks!

I had already edited that but it working once after each reboot. As, I discconect and try to reconnect it won't and give Error: Default Browser not enabled  

  • 2 accepted solutions
  • 4333 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!