Hardware reference guide

ManualsBrandsAlto ManualsComputer equipmentBEXT 100H

100

94 GlobalProtect Administrator’s Guide

Define Deployment Policies Set Up the GlobalProtect Mobile Security Manager

Define a GlobalProtect VPN Configuration

While the GlobalProtect Mobile Security Manager allows you to push configuration settings that allow access

to your corporate resources and provides a mechanism for enforcing device restrictions, it does not secure the

connection between the mobile device and services it connects to. To enable the client to establish secure tunnel

connections, you must enable VPN support on the device. For simplified GlobalProtect VPN setup on iOS

devices, you can push the GlobalProtect VPN configuration settings to the device in the configuration profile

as described in the following procedure. For general configuration profile information, see Create an iOS

Configuration Profile.

Step 8 Add certificates to push to the mobile

devices. These can either be certificates

that you generated on the Mobile Security

Manager, or certificates that you import

from a different CA. You can push any

certificate the device will need to connect

to your internal applications and services.

1. Select the

Certificates tab and then click Add.

2. Select an existing certificate from the list, or

Import a certificate

generated by a different CA.

3. If the certificate contains a private key, you must also enter the

Password to be used to decrypt the key.

Step 9 Set up an access point name (APN) for

the mobile device to use to present to the

carrier to identify the type of network

connection to supply.

1. Select the

APN tab and then select the APN check box to enable

the service on the managed devices.

2. Enter the

Access Point Name for the packet data network

(PDN) or other service, such as a wireless application protocol

(WAP) server or multimedia messaging service (MMS) to allow

the mobile devices to communicate with.

Step 10 Save the configuration profile. 1. Click

OK to save the configuration settings you defined and

close the iOS Configuration dialog.

Commit your changes.

Create a GlobalProtect VPN Configuration

Step 1 Select or add an iOS configuration profile

to which to add the GlobalProtect VPN

configuration settings.

Select Policies > Configuration > iOS and then click Add or select an

existing configuration to which to add the VPN settings.

If this is a new configuration profile, enter identifying information

for the profile and define other configuration settings and

restrictions as appropriate. See Create an iOS Configuration Profile

for details.

Step 2 Define the GlobalProtect VPN

connection settings.

1. Select the

VPN tab and click Add to open the VPN dialog.

2. Enter a

Name to identify this configuration on the Mobile

Security Manager.

3. Enter a

Connection Name to display on the device.

4. Enter the FQDN or IP address of the GlobalProtect portal in

the

Server field. The value you enter must match the CN field

in the portal server certificate.

5. Make sure

Connection Type is set to Palo Alto Networks

GlobalProtect

Create an iOS Configuration Profile (Continued)