Palo Alto Networks Knowledgebase: Build IPsec between Andriod phone and Palo Alto firewall

Build IPsec between Andriod phone and Palo Alto firewall

9944
Created On 02/08/19 00:04 AM - Last Updated 02/08/19 00:04 AM
Resolution

To connect an Android/IOS phone with a Palo Alto Networks firewall, we can use the predefined VPN app on the phone.  The GlobalProtect app is not required.

 

Step 1: Enable X-Auth and enter Group Name and Password in the GlobalProtect Gateway configuration:

 

Xauth.png

 

Step 2. On your phone either Android/IOS, add a new VPN.  The IPsec identifiers are the X-Auth Group Name and Group Password. The server address is the portal address. The server address has to be either an IP address or domain name. If the certificate CN has an IP address use the IP address. If the certificate CN uses a domain name then use domain name.

 

VPN profile configuration.png

 

Step 3: Connect on the phone: While connecting you will be prompted for username and password. Enter the username and password according to the authenticaiton profile used in the gateway and portal.

 

Entering username and password.png

 

Step 4:  A successful connection will be shown as follows:

 

 Status connected.png

 



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClkhCAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language