Manualshelf

Hardware reference guide

ManualsBrandsAlto ManualsComputer equipmentBEXT 100H
31323334353637383940
32 GlobalProtect Administrator’s Guide
Configure GlobalProtect Gateways Set Up the GlobalProtect Infrastructure
Configure GlobalProtect Gateways
Because the GlobalProtect configuration that the portal delivers to the agents includes the list of gateways the
client can connect to, it is a good idea to configure the gateways before configuring the portal.
The GlobalProtect Gateways can be configured to provide two main functions:
Enforce security policy for the GlobalProtect agents and apps that connect to it. You can also enable HIP
collection on the gateway for enhanced security policy granularity. For more information on enabling HIP
checks, see Use Host Information in Policy Enforcement.
Provide virtual private network (VPN) access to your internal network. VPN access is provided through an
IPSec or SSL tunnel between the client and a tunnel interface on the gateway firewall.
Prerequisite Tasks for Configuring the GlobalProtect Gateway
Before you can configure the GlobalProtect gateway, you must have completed the following tasks:
Created the interfaces (and zones) for the interface where you plan to configure each gateway. For
gateways that require tunnel connections you must configure both the physical interface and the virtual
tunnel interface. See Create Interfaces and Zones for GlobalProtect.
Set up the gateway server certificates required for the GlobalProtect agent to establish an SSL connection
with the gateway. See Enable SSL Between GlobalProtect Components.
Defined the authentication profiles and/or certificate profiles that will be used to authenticate
GlobalProtect users. See Set Up GlobalProtect User Authentication.
Configure a GlobalProtect Gateway
After you have completed the prerequisite tasks, configure the GlobalProtect Gateways as follows:
Configure the Gateway
Step 1 Add a gateway. 1. Select Network > GlobalProtect > Gateways and click Add.
2. On the
General tab, enter a Name for the gateway. The gateway
name should not contain any spaces and as a best practice it
should include the location or other descriptive information that
will help users and other administrators identify the gateway.
3. (Optional) Select the virtual system to which this gateway
belongs from the
Location field.