08-13-2018 09:58 AM
Hey guys,
I've been tasked to have Globalprotect only allow company owned devices over the VPN. I know I can create custom HIP checks for Windows/Mac (reg/plist value). How would I do the same for Linux clients?
I have two end users that work remote, and are on a Linux machine. Still having issues with getting the GlobalProtect client for linux to work properly. VNC with IPSec is how they currently connect, and it works fine. I'm only on version 4.1.2, and am working on upgrading to 4.1.4 in hopes it corrects my problem.
The problem I'm having with the Linux client is that it fails because it doesn't trust the server certificate. However, when you navigate to the portal there is no certificate error.
Linux client problems aside... I'm trying to find the best answer to meet this initiative -> Only allow our devices on the VPN
Is the HIP check the best/easiest answer, or should I be looking elsewhere?
Thanks for all your help,
Paul
