In the
GlobalProtect
VPN for Remote Access, the GlobalProtect portal and gateway
are configured on
ethernet1/2
, so this is
the physical interface where GlobalProtect users connect. After
a user connects and authenticates to the portal and gateway, the
endpoint establishes a tunnel from its virtual adapter, which has
been assigned an IP address from the IP pool associated with the
gateway tunnel.2 configuration—10.31.32.3-10.31.32.118 in this example.
Because GlobalProtect VPN tunnels terminate in a separate
corp-vpn
zone,
you have visibility into the connection traffic as well as the ability
to customize security policies for remote users.