Cara Install GlobalProtect VPN Client di Linux Ubuntu 18.04 LTS

Kali ini saya ingin sedikit share bagaimana cara nya install VPN Client dari Palo Alto yaitu GlobalProtect di Linux Ubuntu 18.04

1. Pertama kali kita harus punya file PanGPLinux-4.1.1-c14.tgz

File tersebut bisa di dapatkan dari login ke support portal nya PaloAlto, atau kalau cari di google saya ketemu ada yang share disini

2. Setelah download filenya, bisa langsung di extract :

tar -xvf ~/pkgs/PanGPLinux-4.1.1-c14.tgz

3. Nanti dari hasil file extract nya akan ada 3 file yaitu :

GlobalProtect_deb-4.1.1.0-14.deb                           
GlobalProtect_rpm-4.1.1.0-14.rpm                           
GlobalProtect_tar-4.1.1.0-14.tgz

4. Kita bisa install yang file .deb nya :

$ sudo dpkg -i GlobalProtect_deb-4.1.1.0-14.deb

[sudo] password for dony:
Selecting previously unselected package globalprotect.
(Reading database ... 201969 files and directories currently installed.)
Preparing to unpack GlobalProtect_deb-4.1.1.0-14.deb ...
Start installing gp...
Unpacking globalprotect (4.1.1-14) ...
Setting up globalprotect (4.1.1-14) ...
Enable gp service...
Starting gp service...
Create symlink for gp cli...
Starting gpa...
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...

5. Untuk menjalankan nya tinggal ketik saja perintah :

$ globalprotect
>>

Untuk keluar, ketik quit  :

>> quit

6. Untuk perintah help nya :

>> help

Usage: only the following commands are supported: 

collect-log            -- collect log information 

connect                -- connect to server 

disconnect             -- disconnect

disable                -- disable connection

import-certificate     -- import client certificate file

quit                   -- quit from prompt mode

rediscover-network     -- network rediscovery

remove-user            -- clear credential 

resubmit-hip           -- resubmit hip information

set-log                -- set debug level

show                   -- show information

Command-line mode:

user@linuxhost:~$ globalprotect help

Usage: only the following commands are supported: 

collect-log            -- collect log information 

connect                -- connect to server 

disconnect             -- disconnect

disable                -- disable connection

import-certificate     -- import client certificate file

quit                   -- quit from prompt mode

rediscover-network     -- network rediscovery

remove-user            -- clear credential 

resubmit-hip           -- resubmit hip information

set-log                -- set debug level

show                   -- show information

7. Cara koneksi ke server VPN Palo Alto nya adalah :

$ globalprotect connect --portal myportal.example.com

Retrieving configuration...                                            

Disconnected

There is a problem with the security certificate, so the identity of 10.3.188.61 cannot be verified. Please contact the Help Desk for your organization to have the issue rectified.

Warning: The communication with 10.3.188.61 may have been compromised. We recommend that you do not continue with this connection.

Error details:Do you want to continue(y/n)?y

Retrieving configuration...                                            

Disconnected

10.3.188.61 - portal:local:Enter login credentials

username:user1

Password:

Retrieving configuration...                                            

Discovering network...

Connecting...

Connected 

8. Jika butuh certificate, maka harus di import terlebih dahulu :

$ globalprotect import-certificate --location /home/mydir/Downloads/cert_client_cert.p12 

Please input passcode:

Import certificate is successful. 

Setelah selesai import, tinggal coba connect lagi

9. Untuk Mengecek status koneksi nya :

$ globalprotect show --status

GlobalProtect status: Connected

$ globalprotect show --details           

Assigned IP address: 192.168.1.132                                      

Gateway IP address: 192.168.1.180

Protocol: IPSec

Uptime(sec): 231

Referensi : https://docs.paloaltonetworks.com/globalprotect/4-1/globalprotect-app-user-guide/globalprotect-app-for-linux/use-the-globalprotect-app-for-linux.html

Semoga bermanfaat untuk pembaca semua.

Dony Ramansyah

site : http://donyramansyah.net

blog : dony-ramansyah.blogspot.com

email : dony.ramansyah[at]gmail.com

Registered linux user : ID 40017