Hardware reference guide
GlobalProtect Administrator’s Guide 153
GlobalProtect Quick Configs Remote Access VPN with Two-Factor Authentication
Step 8 Configure a GlobalProtect Gateway.
See the topology diagram shown in
Figure: GlobalProtect VPN for Remote
Access.
Select
Network > GlobalProtect > Gateways and add the following
configuration:
Interface—ethernet1/2
IP Address—199.21.7.42
Server Certificate—GP-server-cert.pem issued by Go Daddy
Certificate Profile—GP-client-cert
Authentication Profile—Corp-LDAP
Tunnel Interface—tunnel.2
IP Pool—10.31.32.3 - 10.31.32.118
Step 9 Configure the GlobalProtect Portal.Select
Network > GlobalProtect > Portals and add the following
configuration:
1. Set Up Access to the Portal:
Interface—ethernet1/2
IP Address—199.21.7.42
Server Certificate—GP-server-cert.pem issued by Go Daddy
Certificate Profile—GP-client-cert
Authentication Profile—Corp-LDAP
2. Create a GlobalProtect Client Configuration:
Connect Method—on-demand
External Gateway Address—gp.acme.com
Step 10 Deploy the GlobalProtect Agent
Software.
Select
Device > GlobalProtect Client.
In this example, use the procedure to Host Agent Updates on the
Portal.
Step 11 (Optional) Enable use of the
GlobalProtect mobile app.
Purchase and install a GlobalProtect Gateway subscription
(
Device > Licenses) to enable use of the app.
Step 12 Save the GlobalProtect configuration. Click
Commit.
Quick Config: VPN Remote Access with Two-Factor Authentication (Continued)