Hardware reference guide
76 GlobalProtect Administrator’s Guide
Set Up the Mobile Security Manager for Device Management Set Up the GlobalProtect Mobile Security Manager
Step 6 (Optional) Force device users to re-enroll
upon identity certificate expiry.
By default, mobile device users are not
required to manually re-enroll when the
identity certificate expires; the Mobile
Security Manager will automatically
re-issue the identity certificates and
re-enroll the devices.
To force mobile device users to re-enroll when certificates expire:
1. Select
Setup > Settings > Server and then click the Edit icon
in the Enrollment Renewal Settings section.
2. Select the
Require Re-Enroll check box.
3. (Optional) Customize the
Renewal Message that will display
on the mobile devices to alert the end users that they will need
to unenroll and then re-enroll before the certificate expires in
order to continue with the Mobile Security Manager device
management service. The
{DAYS} variable will be replaced with
the actual number of days until certificate expiration when the
message is sent to the device.
4. Click
OK to save the renewal settings.
Step 7 Save the configuration. Click
Commit.
Step 8 Configure the GlobalProtect portal to
redirect mobile devices to the Mobile
Security Manager for enrollment.
For more detailed instructions, see
Configure the GlobalProtect Portal.
Perform the following steps on the firewall hosting your
GlobalProtect portal:
1. Select
Network > GlobalProtect > Portals and select the portal
configuration to modify.
2. Select the
Client Configuration tab and select the client
configuration to enable for Mobile Security Management.
3. On the
General tab, enter the IP address or FQDN of the
device check-in interface on the
GlobalProtect MDM Mobile
Security Manager.
4. (Optional) Set the
GlobalProtect MDM Enrollment Port on
which the Mobile Security Manager will be listening for
enrollment requests. This value must match the value set on the
Mobile Security Manager.
5. Click
OK twice to save the portal configuration.
6.
Commit the changes.
Set Up the Mobile Security Manager for Enrollment (Continued)