Connecting to the GlobalProtect VPN

Summary

What to expect when you connect to the GlobalProtect VPN

Body

Connecting to the UNBC GlobalProtect(GP) Virtual Private Network(VPN) is normally a smooth process that only takes a few moments.

Occasionally an unexpected event or behavior may be observed. In this article, we describe what should be expected so users can compare their experiences to help understand if what they are seeing is expected or possibly needs further inspection by ITS.

Table of Contents:

What is a Virtual Private Network (VPN)? 

A virtual private network (VPN) extends the UNBC network through the Internet enabling users to access UNBC resources as if they are connected locally to the campus network.  Furthermore, VPN traffic is encrypted between remote computers and the campus network in order to keep the data travelling through it private and secure. 

Computers using the UNBC VPN system have all of the benefits of locally connected computers, including access to resources such as shared drives (H: and G: drive) which are normally unavailable for access from off campus.

Another benefit to using the VPN system is that it can be used to secure a local network connection keeping those around you from being able to access your network traffic. This is especially useful in places where one must use a non-encrypted wireless network such as in a cafe or airport. On a non-encrypted wireless network, it is easy for people to intercept your network traffic.  The UNBC VPN service provides protection in such circumstances as well.

Using the UNBC VPN system from such locations encrypts your data all the way to the UNBC network.

Standard Log in Process with Multi-Factor Authentication(MFA)

The first time a user logs into a UNBC service they will need to also complete an MFA Challenge.

1) To get started: Open the GlobalProtect client

  • Option 1: Click on the GP icon system tray in the bottom right hand of your corner of your screen.
  • Option 2: Search for GlobalProtect in the start menu and launch the application.

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)                  

2) The GlobalProtect window will appear and show disconnected, from there click connect

3) Enter in your unbc credentials (username@unbc.ca).

  • The default browser should appear with a normal SSO (single-sign on) log in request

4) You will be prompted with a MFA challenge.

  • Approve the sign-in request, then finish logging in with SSO (single-sign on).

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

5) After SSO completes, a new browser page from Palo Alto will appear with a pop up that says 'this site is trying to open GlobalProtect', please select open. 

6) Click on the GP system tray icon to confirm you have succussfully connected to the VPN.

7) The GlobalProtect window will report on the state of the login and display connected when it's finished connecting.

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

Subsequent Log in process

If you have already logged into a UNBC service and completed an MFA challenge the process is a little shorter.

1) To get started: Open the GlobalProtect client

  • Option 1: Click on the GP icon system tray in the bottom right hand of your corner of your screen.
  • Option 2: Search for GlobalProtect in the start menu and launch the application.

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

2) The GlobalProtect window will appear and show disconnected, from there click connect

3) The default browser should appear with a normal SSO (single-sign on) log in request.

4) After SSO completes, a new browser page from Palo Alto will appear with a pop up that says 'this site is trying to open GlobalProtect', please select open.

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

6) Click on the GP system tray icon to confirm you have succussfully connected to the VPN.

7) The GlobalProtect window will report on the state of the login and display connected when it's finished connecting.

Uploaded Image (Thumbnail)

Uploaded Image (Thumbnail)

Other Expected Behaviours / Troubleshooting

  • If you accidentally close the browser window before logging into the VPN
    • The GP window will hang and appear to be endlessly connecting.
    • In this case open the window and click on the three lines to then cancel the connection so you can attempt to connect again.Uploaded Image (Thumbnail)​​​​​

Didn't need to log in?

  • In some instances a computer will reconnect to the VPN after a reboot without the need for a user to log in again or click the connect button.
  • Reconnecting to the VPN without the need to log in multiple times is intended to happen within the same work day.

Changing Portals

  • If you change Portals you may need to log in again.

Changing Gateways within the same Portal

  • Connecting to specific gateways within a portal no longer requires a user to log in again.

Very first time my VPN connects

  • If this is the very first time a VPN has ever connected there may be a small delay, or apparent problems, as the VPN figures out how it's supposed to work (it has to download it's configuration).
  • In this case give the VPN 30-60 seconds and try to connect again. If this approach doesn't work after 2-3 attempts please contact the help desk.

VPN Upgrades/Patching

  • When the VPN is upgraded your computer will download the new version either the next time you connect or the following time.
  • When this happens the VPN should present a notice in the bottom right corner of the screen letting you know it's upgrading.
  • The VPN will appear to hang and be unavailable for up to 1-5 mins. If the VPN fails to connect after 5 mins and 2-3 attempts to log in please contact the help desk.
  • Sometimes the upgrade fails and you may get an email from ITS requesting you to help manually update the VPN.

Details

Details

Article ID: 8873
Created
Wed 2/14/24 5:25 PM
Modified
Tue 2/20/24 9:18 PM