GlobalProtect
Example: GlobalProtect iOS App Device-Level VPN Configuration
Table of Contents
Expand All
|
Collapse All
GlobalProtect Docs
-
9.1 (EoL)
- 10.1 & Later
- 9.1 (EoL)
-
-
-
- Deploy App Settings in the Windows Registry
- Deploy App Settings from Msiexec
- Deploy Scripts Using the Windows Registry
- Deploy Scripts Using Msiexec
- SSO Wrapping for Third-Party Credential Providers on Windows Endpoints
- Enable SSO Wrapping for Third-Party Credentials with the Windows Registry
- Enable SSO Wrapping for Third-Party Credentials with the Windows Installer
-
- Mobile Device Management Overview
- Set Up the MDM Integration With GlobalProtect
- Qualified MDM Vendors
-
- Remote Access VPN (Authentication Profile)
- Remote Access VPN (Certificate Profile)
- Remote Access VPN with Two-Factor Authentication
- Always On VPN Configuration
- Remote Access VPN with Pre-Logon
- GlobalProtect Multiple Gateway Configuration
- GlobalProtect for Internal HIP Checking and User-Based Access
- Mixed Internal and External Gateway Configuration
- Captive Portal and Enforce GlobalProtect for Network Access
-
-
- End User Experience
- Management and Logging in Panorama
-
- View a Graphical Display of GlobalProtect User Activity in PAN-OS
- View All GlobalProtect Logs on a Dedicated Page in PAN-OS
- Event Descriptions for the GlobalProtect Logs in PAN-OS
- Filter GlobalProtect Logs for Gateway Latency in PAN-OS
- Restrict Access to GlobalProtect Logs in PAN-OS
- Forward GlobalProtect Logs to an External Service in PAN-OS
- Configure Custom Reports for GlobalProtect in PAN-OS
- Monitoring and High Availability
-
- About GlobalProtect Cipher Selection
- Cipher Exchange Between the GlobalProtect App and Gateway
-
- Reference: GlobalProtect App Cryptographic Functions
-
- Reference: TLS Ciphers Supported by GlobalProtect Apps on macOS Endpoints
- Reference: TLS Ciphers Supported by GlobalProtect Apps on Windows 10 Endpoints
- Reference: TLS Ciphers Supported by GlobalProtect Apps on Windows 7 Endpoints
- Reference: TLS Ciphers Supported by GlobalProtect Apps on Android 6.0.1 Endpoints
- Reference: TLS Ciphers Supported by GlobalProtect Apps on iOS 10.2.1 Endpoints
- Reference: TLS Ciphers Supported by GlobalProtect Apps on Chromebooks
- Ciphers Used to Set Up IPsec Tunnels
- SSL APIs
-
6.3
- 6.3
- 6.2
- 6.1
- 6.0
- 5.1
-
- Download and Install the GlobalProtect App for Windows
- Use Connect Before Logon
- Use Single Sign-On for Smart Card Authentication
- Use the GlobalProtect App for Windows
- Report an Issue From the GlobalProtect App for Windows
- Disconnect the GlobalProtect App for Windows
- Uninstall the GlobalProtect App for Windows
- Fix a Microsoft Installer Conflict
-
- Download and Install the GlobalProtect App for macOS
- Use the GlobalProtect App for macOS
- Report an Issue From the GlobalProtect App for macOS
- Disconnect the GlobalProtect App for macOS
- Uninstall the GlobalProtect App for macOS
- Remove the GlobalProtect Enforcer Kernel Extension
- Enable the GlobalProtect App for macOS to Use Client Certificates for Authentication
-
6.1
- 6.1
- 6.0
- 5.1
-
6.3
- 6.3
- 6.2
- 6.1
- 6.0
- 5.1
End-of-Life (EoL)
Example: GlobalProtect iOS App Device-Level VPN Configuration
The following
example shows the XML configuration containing a VPN payload that you can use to verify
the device-level VPN configuration of the GlobalProtect app for iOS. Note that the key
values in your configuration file may be different from the example based on the
third-party MDM system you are working
with.
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>PayloadContent</key> <array> <dict> <key>PayloadDescription</key> <string>Configures VPN settings, including authentication.</string> <key>PayloadDisplayName</key> <string>VPN (Sample Device Level VPN)</string> <key>PayloadIdentifier</key> <string>Sample Device Level VPN.vpn</string> <key>PayloadOrganization</key> <string>Palo Alto Networks</string> <key>PayloadType</key> <string>com.apple.vpn.managed</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>5436fc94-205f-7c59-0000-011d</string> <key>UserDefinedName</key> <string>Sample Device Level VPN</string> <key>Proxies</key> <dict/> <key>VPNType</key> <string>VPN</string> <key>VPNSubType</key> <string>com.xyznetworks.GlobalProtect.vpnplugin</string> <key>IPv4</key> <dict> <key>OverridePrimary</key> <integer>0</integer> </dict> <key>VPN</key> <dict> <key>RemoteAddress</key> <string>gp.paloaltonetworks.com</string> <key>AuthName</key> <string></string> <key>DisconnectOnIdle</key> <integer>0</integer> <key>OnDemandEnabled</key> <integer>1</integer> <key>OnDemandRules</key> <array> <dict> <key>Action</key> <string>Connect</string> </dict> </array> <key>AuthenticationMethod</key> <string>Password</string> </dict> <key>VendorConfig</key> <dict> <key>AllowPortalProfile</key> <integer>0</integer> <key>FromAspen</key> <integer>1</integer> </dict> </dict> </array> <key>PayloadDisplayName</key> <string>Sample Device Level VPN</string> <key>PayloadOrganization</key> <string>Palo Alto Networks</string> <key>PayloadDescription</key> <string>Profile Description</string> <key>PayloadIdentifier</key> <string>Sample Device Level VPN</string> <key>PayloadType</key> <string>Configuration</string> <key>PayloadVersion</key> <integer>1</integer> <key>PayloadUUID</key> <string>5436fc94-205f-7c59-0000-011c</string> <key>PayloadRemovalDisallowed</key> <false/> </dict> </plist>