End-of-Life (EoL)
Configure
a Device-Level VPN Configuration for Android Devices Using AirWatch
You can easily enable access to internal resources
from your managed Android mobile endpoints by configuring VPN access
using AirWatch. In a device-level VPN configuration, you route all
of the traffic that matches the access routes configured on the
GlobalProtect gateway through the GlobalProtect VPN.
- Download the GlobalProtect app for Android:
- Download the GlobalProtect app directly from Google Play.
- From the AirWatch console, modify or add a new Android profile.
- Navigate to.DevicesProfilesList View
- Select an existing profile to which to add the VPN configuration or add a new one (select).AddAdd Profile
- SelectAndroidas the platform andDeviceas the configuration type.
- ConfigureGeneralprofile settings:
- Name—Provide a meaningful name for this configuration.
- Version—This field is auto-populated with the latest version number of the configuration profile.
- Description—A brief description of the profile that indicates its purpose.
- Profile Scope—Scope for this profile, eitherProduction,Staging, orBoth.
- Assignment Type—Determines how the profile is deployed to endpoints. SelectAutoto deploy the profile to all endpoints automatically,Optionalto enable the end user to install the profile from the Self-Service Portal (SSP) or to manually deploy the profile to individual endpoints, orComplianceto deploy the profile when an end user violates a compliance policy applicable to the endpoint.
- Managed By—The Organization Group with administrative access to the profile.
- Assigned Smart Group—The Smart Group to which you want the device profile added. Includes an option to create a new Smart Group which can be configured with specs for minimum OS, device models, ownership categories, organization groups and more.
- Allow Removal—Determines whether or not the profile can be removed by the endpoint's end user. SelectAlwaysto enable the end user to manually remove the profile at any time,Neverto prevent the end user from removing the profile from the endpoint, orWith Authorizationto enable the end user to remove the profile with the authorization of the administrator. ChoosingWith Authorizationadds a required Password.
- Exclusions—IfYesis selected, a new fieldExcluded Smart Groupsdisplays, enabling you to select those Smart Groups you wish to exclude from the assignment of this device profile.
- Save and Publishthis profile to the assigned Smart Groups.
- To configure the VPN settings, selectVPNand then clickConfigure.
- ConfigureConnection Info, including:
- Connection Type—SelectGlobalProtectas the network connection method.
- Connection Name—Enter the name of the connection name that the endpoint will display.
- Server—Enter the hostname or IP address of the GlobalProtect portal to which to connect.
- ConfigureAuthenticationinformation:
- Choose the method to authenticate end users:PasswordorCertificate.
- Enter theUsernameof the VPN account or click add ( “+” ) to view supported lookup values that you can insert.
- Enter aPasswordor upload anIdentity Certificatethat GlobalProtect will use to authenticate users.
- Save & Publishthis profile to the assigned Smart Groups.
Recommended For You
Recommended Videos
Recommended videos not found.