A while ago I wrote about how to connect on Linux with a Palo Alto firewall over a classic IPsec vpn.
All this is not needed anymore or at least you have an alternative now: if you don’t want to use IPSec you will love the awesome helper openconnect which comes with Palo Alto ssl vpn support.
That means you can use the standard PA access via global protect gateway and so no need for IPsec anymore (if you don’t want to).
The only thing you need to do now is to install openconnect, configure it e.g. with the network manager applet and that’s it. Easy as 1,2,3.
- Download and install openconnect e.g. for Arch linux: yaourt -S openconnect-palo-git
- Download and install the network manager applet for openconnect: yaourt -S networkmanager-openconnect-multiprotocol-git
- Configure openconnect
- Start your vpn
That’s it. Have fun and enjoy your native Palo Alto ssl vpn access on Linux.« back to Blog ListPrint out