In the
GlobalProtect
VPN for Remote Access, the GlobalProtect portal and gateway
are configured on
ethernet1/2
, so this is
the physical interface where GlobalProtect users connect. After
a user connects and authenticates to the portal and gateway, the endpoint
establishes a tunnel from its virtual adapter, which has been assigned
an IP address from the IP pool associated with the gateway tunnel.2
configuration—10.31.32.3-10.31.32.118 in this example. Because GlobalProtect
VPN tunnels terminate in a separate
corp-vpn
zone,
you have visibility into the connection traffic as well as the ability
to customize security policies for remote users.