GlobalProtect Portals Agent Tab
Select the Agent tab to define the agent
configuration settings. The GlobalProtect portal deploys the configuration
to the device after the connection is first established.
You can also specify that the portal automatically deploy trusted
root certificate authority (CA) certificates and intermediate certificates.
If the endpoints do not trust the server certificates that the GlobalProtect
gateways and GlobalProtect Mobile Security Manager are using, the
endpoints need these certificates to establish HTTPS connections
to the gateways or Mobile Security Manager. The portal pushes the
certificates you specify here to the client along with the client
configuration.
To add a trusted root CA certificate, Add an
existing certificate or Import a new one.
To install (transparently) the trusted root CA certificates that
are required for SSL Forward Proxy decryption in the certificate
store on the client, select Install in Local Root Certificate
Store.
Specify the trusted root CA certificate
that the GlobalProtect app uses to verify the identity of the GlobalProtect
portal and gateways. If the portal or gateway presents a certificate
that has not been signed or issued by the same certificate authority
that issued the trusted root CA, the GlobalProtect app cannot establish
a connection with the portal or gateway.
If you have different types of users that require different configurations,
you can create separate agent configurations to support them. The
portal subsequently uses the user or group name and OS of the client
to determine the agent configuration to deploy. As with security
rule evaluations, the portal looks for a match, starting from the
top of the list. When the portal finds a match, it delivers the
corresponding configuration to the app. Therefore, if you have multiple
agent configurations, it is important to order them so that more specific
configurations (configurations for specific users or operating systems)
are above the more generic configurations. Use
Move Up and
Move Down to
reorder the configurations. As needed,
Add a
new agent configuration. For detailed information on configuring
the portal and creating agent configurations, refer to
GlobalProtect Portals in
the
GlobalProtect Administrator’s Guide. When
you
Add a new agent configuration or modify
an existing one, the
Configs window opens and displays five
tabs, which are described in the following tables: