How to connect to Palo Alto VPN – GlobalProtect from Linux server without modifying any configuration? – 如何在不修改服务器配置下,使用 Linux server 连接 Palo Alto VPN?

Posted on By paulPosted in TECH

The issue

It’s boring and even impossible to follow offical doc of connecting GlobalProtect from PaloAlto website to just get your Linux server / desktop linking to your office.

Strongman or twisted openconnect or vpnc or even vpnc over Ubuntu desktop , may cost you days to setup and even just waste of time since your IT manager is not going to compromise anything to x-auth.

What now?

Solution

Consider this issue in a much simpler way: SSH Port forwarding.

  • Drop Windows 10 Pro in your Azure portal

    > Do not use Windows Server since GlobalProtect doesn’t support that OS.
  • Setup OpenSSH for Windows, making sure SSH Server selected
  • Open port 22 in Azure NSG
  • Provide SSH dynamic port forwarding to your Azure Windows 10 Pro
ssh -D 8080 username@azure-remote-host
  • Now your have a 8080 socket5 proxy in your local OS. It’s a tunnel to your office after you install and connect PaloAlto GlobalProtect in the Windows 10 Pro VM