...
NCSSM’s Palo Alto Networks firewall provides a VPN (Virtual Private Network), GlobalProtect, as part of its capabilities. Instructions for its installation and use by NCSSM staff are provided below. Please create a ticket for ITS if you have any issues or questions regarding these instructions.
Table of Contents |
---|
Installing the GlobalProtect Client
Follow the set of instructions appropriate to your client system to install the GlobalProtect client. Then, continue to the Using GlobalProtect section for instructions on its use.
Info |
---|
Notes:
|
Windows
To install the GlobalProtect VPN client on Windows, follow these steps:
...
Please create a ticket for ITS if you have any issues installing the client.
macOS
Installing the GlobalProtect VPN client on macOS is substantially similar to the process for installing it on Windows.
...
Please create a ticket for ITS if you have any issues installing the client.
Ubuntu
Palo Alto Networks does provide a GlobalProtect client for Linux systems. However, we instead use a compatible VPN client, vpnc, available for Linux. To install vpnc on Ubuntu, follow these steps:
Open a terminal and execute the command:
sudo apt-get update && sudo apt-get install vpnc network-manager-vpnc
Note that it may be necessary to enter your password at the prompt in order to enable root access for the installation.
Once the command completes, launch the network manager by clicking on the Network Manager icon and selecting VPN Connections> Configure VPN … > Add.
Under Connection name, give the VPN connection a name. "NCSSM-vpn" or a variant is appropriate.
On the VPN tab, enter the following values:
Gateway: fw.ncssm.edu
User name: Your NCSSM user name, without prepended “NCSSM\”.
User password: Your NCSSM password. Set the pull-down menu value on the right to Saved unless you wish to enter your password each time you connect to the VPN.
Group name: Test1
Group password: 1test. Again, set the pull-down menu value on the right to Saved unless you wish to enter the group password each time you connect to the VPN.
Ensure that Use hybrid authentication is unchecked.
Click on Advanced…, then enter the following values:
Domain: ncssm
Vendor: Cisco (default)
Version: blank
Encryption method: Secure (default)
NAT traversal: NAT-T when available (default)
IKE DH Group: DH Group 2 (default)
Perfect Forward Secrecy: Server (default)
Local port: 0
Ensure that Disable Dead Peer Detection is unchecked
Click Apply.
On the IPv4 Settings tab:
Ensure that Method is Automatic (VPN).
Click on Routes..., then on the window that opens:
Check Use this connection only for resources on its network.
Enter values in the following table by using the Add button and entering the values in each cell. (Leave the Metric cell blank.) Each cell will have a red background until a legal value is entered, at which point the background will turn green.
Address: 192.154.43.0
Netmask: 255.255.255.0
Gateway: 0.0.0.0
Students needing access to the Computer science server (cs.ncssm.edu) also need to repeat step ii with the address 10.1.0.0, and the same netmask and gateway.
Click OK.
Click Save….
The VPN client is now configured. See below for usage instructions.
Other Linux Distros
Please contact ITS for assistance.
Using GlobalProtect
Once GlobalProtect is installed, use these instructions to connect your client to the NCSSM VPN. Note that you can connect only from outside the NCSSM network. The instructions differ depending on your client system.
Windows and macOS
To use the GlobalProtect VPN, launch the GlobalProtect client and select File > Connect. Wait until the status is Connected.
Once you are done using the VPN, disconnect the client by selecting File > Disconnect. It will take a few seconds for the VPN tunnel to be disabled and your normal connection to be re-established.
Ubuntu
To use the GlobalProtect VPN, click on the Network Manager icon and select VPN Connections > NCSSM-vpn (or the name you specified when you configured the client). Wait for the VPN to connect. The network icon will change to show a small lock in the lower-right.
Once you are done using the VPN, again click on the Network Manager icon and select VPN Connections > Disconnect VPN. Note that it will take a few seconds for the VPN tunnel to be disabled and your normal connection to be re-established.
Other Linux Distros
Please contact ITS for assistance.