It's boring and even impossible to follow offical doc of connecting GlobalProtect from PaloAlto website to just get your Linux server / desktop linking to your office.
Consider this issue in a much simpler way:
SSH Port forwarding.
Windows 10 Proin your Azure portal
> Do not use Windows Server since GlobalProtect doesn't support that OS.
- Setup OpenSSH for Windows, making sure SSH Server selected
- Open port 22 in Azure NSG
- Provide SSH dynamic port forwarding to your
Azure Windows 10 Pro
ssh -D 8080 username@azure-remote-host
- Now your have a 8080 socket5 proxy in your local OS. It's a tunnel to your office after you install and connect PaloAlto GlobalProtect in the
Windows 10 Pro VM