Build IPsec between Andriod phone and Palo Alto firewall

Build IPsec between Andriod phone and Palo Alto firewall

Created On 09/25/18 20:40 PM - Last Modified 06/14/23 06:28 AM


To connect an Android/IOS phone with a Palo Alto Networks firewall, we can use the predefined VPN app on the phone.  The GlobalProtect app is not required.


Step 1: Enable X-Auth and enter Group Name and Password in the GlobalProtect Gateway configuration:




Step 2. On your phone either Android/IOS, add a new VPN.  The IPsec identifiers are the X-Auth Group Name and Group Password. The server address is the portal address. The server address has to be either an IP address or domain name. If the certificate CN has an IP address use the IP address. If the certificate CN uses a domain name then use domain name.


VPN profile configuration.png


Step 3: Connect on the phone: While connecting you will be prompted for username and password. Enter the username and password according to the authenticaiton profile used in the gateway and portal.


Entering username and password.png


Step 4:  A successful connection will be shown as follows:


 Status connected.png


  • Print
  • Copy Link

Choose Language