Differenze

Queste sono le differenze tra la revisione selezionata e la versione attuale della pagina.

--- pub:conf-vpn-paloalto-en [2021/02/08 09:12] – marco.nesler@unitn.it
+++ pub:conf-vpn-paloalto-en [2022/08/08 14:26] – m.fiorazzo@unitn.it
@@ Linea 2: / Linea 2: @@
 [[https://wiki.unitn.it/pub:conf-vpn-paloalto|versione italiana]]
 ----
-The **GloblaProtect** client allows you to use the UniTN network resources in the same way you can do in your office but from a remote site (home network or any internet connection) and it supports Windows,MacOS and Linux clients.
+The **GlobalProtect** client allows you to use the UniTN network resources in the same way you can do in your office but from a remote site (home network or any internet connection) and it supports Windows,MacOS and Linux clients.
 The **GlobalProtect Mobile** client is available on the app stores (Android/Apple) and can be used on mobile clients.
-The **OpenConnect** unofficial client can be used to connect with Linux machines.
+For security reasons, access to the VPN is only allowedto clients fulfilling a minimum security baseline:
+  * Windows: Supported OS ( Windows 8.1, Windows 10, Windows 11 ), automatic updates enabled, antivirus installed
+  * MacOSX: Supported OS ( OSX Version 10.13 o later), automatic updates enabled
+  * Linux: Automatic updates enabled (CentOS, RehHat, Ubuntu)
+[[https://docs.paloaltonetworks.com/compatibility-matrix/globalprotect/where-can-i-install-the-globalprotect-app.html|Supported devices and Operating Systems]]
 Internet traffic will still flow from the active connection (ADSL, etc) while only the Unitn traffic will be routed into the tunnel (**Spilt Tunnel Mode**)
@@ Linea 19: / Linea 24: @@
 - Navigate to URL [[https://vpn.icts.unitn.it]] and follow step 1)
-Otherwise you can download it from the links below and jump to step 4)
+Otherwise you can download it from the [[https://wiki.unitn.it/pub:vpn-paloalto-sw|download page]] and jump to step 4)
-^GlobalProtect Download^
-|{{:pub:vpn:globalprotect64-5.2.3.msi|Windows 7/8/10 (64bit) GlobalProtect}}|
-|{{:pub:vpn:globalprotect-5.2.3.msi|Windows 7/8/10 (32bit) GlobalProtect}}|
-|{{:pub:vpn:globalprotect-5.2.3.pkg|MACOSX GlobalProtect}} (*)|[[:pub:conf-vpn-paloalto#macos_catalina|Note for MacOS Catalina]]|
-|[[https://wiki.unitn.it/PanGPLinux-5.2.3-c10.tgz|Linux GlobalProtect]]|
-|[[:pub:conf-vpn-paloalto#openconnect|Linux OpenConnect]]|
 ) login with your UniTN credentials on https://vpn.icts.unitn.it :
@@ Linea 58: / Linea 56: @@
 {{:pub:vpn:3-gp-settings.jpg?400}}
 {{:pub:vpn:8.png?400}}
+===== GlobalProtect Mobile =====
+  * Download the client on Play/App Store, searching for "globalprotect".
+  * Launch the app, in the Portal section, insert //vpn.icts.unitn.it//:
+    {{:pub:vpn:GP-mobile-portal.png?300}}
+  * When asked, insert the University credentials in the //user.name@unitn.it// format and click on //Sign IN//:
+    {{:pub:vpn:GP-mobile-user.png?300}}
 ===== GlobalProtect for Linux =====
+Get the client from the [[https://wiki.unitn.it/pub:vpn-paloalto-sw|download page]]
-Decompress the package using the command:
-<code>
-tar xzfv PanGPLinux-5.2.3-c10.tgz
-</code>
 Install the package using the commands related to your Linux distribution:
@@ Linea 78: / Linea 80: @@
 </code>
-===== OpenConnect =====
+===== macOS Catalina =====
-----
-OpenConnect is an **unofficial** client for Linux machines, to use it you need to be able to do some basic compilation and installation procedures on the machine.
-The software is available on: [[https://www.infradead.org/openconnect/download.html]]
+NB: if you are using MacOS Catalina, before being able to establish the connection, you have to go to: Settings —> Security and Privacy —> General as you can see below e click on "Open Anyway"
-Installation instructions are dependent upon the specific Linux distribution, below you'll find the instruction for an Ubuntu 18.04 LTS. More installation instructions can be found on the README on the git repository.
+{{:pub:vpn:catalina.png?400}}
-----
-Installation and download of OpenConnect client and libraries:
+===== Blocked resources =====
-<code>
-sudo apt-get install build-essential gettext autoconf automake libproxy-dev libxml2-dev libtool vpnc-scripts pkg-config zlib1g-dev libgnutls28-dev
-git clone git://git.infradead.org/users/dwmw2/openconnect.git
+Users connection with unsupported operating systems will not be able to access the following resources:
-cd openconnect
-./autogen.sh
-./configure
-make
-sudo make install && sudo ldconfig
-</code>
-After the installation, you can connect to the University network using this command:
-<code>
-sudo openconnect --protocol=gp --user=user.name@unitn.it vpn.icts.unitn.it
-</code>
-===== macOS Catalina =====
+alessandria1.unitn.it
+.168.206.42
-NB: if you are using MacOS Catalina, before being able to establish the connection, you have to go to: Settings —> Security and Privacy —> General as you can see below e click on "Open Anyway"
+nx-trento.unitn.it
+.168.132.11
-{{:pub:vpn:catalina.png?400}}
+nx-collina.unitn.it
+.168.123.6
+.168.123.5
+fluidfs-prod.unitn.it
+.168.123.11
+fluidfs-prod2.unitn.it
+.168.123.19
+.168.123.18
+f87.unitn.it 192.168.187.25
+f85.unitn.it 192.168.187.26