Setting up and using GlobalProtect VPN for Linux
VPN provides you with secure access to University services and the Internet when you are off campus.
Northwestern is transitioning to a new VPN platform called GlobalProtect. GlobalProtect replaces three existing VPN clients: built-in native VPN clients, Cisco AnyConnect, and Pulse Secure SSL VPN. For details on the transition, see https://www.it.northwestern.edu/about/it-projects/vpn-migration-2019/overview.html.
Note that GlobalProtect requires you to authenticate with your NetID and NetID password and Duo multi-factor authentication. If you need to register a phone for multi-factor authentication, see https://kb.northwestern.edu/mfa.
Northwestern IT is aware of VPN access issues from China. We tried implementing workarounds by changing our VPN public IP. However, within a few days of these workarounds Northwestern VPN was blocked again by the Chinese telecommunications agency. At the present time, we cannot provide a solution to using Northwestern VPN in China because the Chinese telecommunications agency continually searches for and blocks Northwestern VPN servers. We have heard anecdotally from some people that using a third party VPN service has worked for them, but we cannot confirm which, if any services, will work.
Supported Linux versions
- Ubuntu 18.04.3 LTS
- Ubuntu 18.04.2 LTS
- Ubuntu 19.04
- Red Hat Enterprise Linux 7.0 - 7.7
- CentOS 7.0 - 7.7
Set up GlobalProtect
- Download the GlobalProtect installation package for your Linux system. The current version offered below is 5.3.1.
- Open the terminal on your device and install GlobalProtect. Note that the commands may vary depending on your version of Linux.
- RHEL 7/centOS CLI commands:
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum localinstall --nogpgcheck GlobalProtect_UI_rpm.rpm
- Ubuntu/Debian CLI commands:
sudo apt-get install libqt5webkit5
sudo dpkg -i GlobalProtect_UI_deb.deb
- RHEL 7/centOS CLI commands:
- When prompted for a portal address, enter vpn-connect.northwestern.edu.
- Once installation is complete, GlobalProtect will appear in your menu bar at the top of your Linux system.
Connect to GlobalProtect
- Click the GlobalProtect icon in the menu bar, enter the portal address (vpn-connect.northwestern.edu), then click Connect.
- When prompted, enter your NetID and NetID password, then confirm your identity with Duo multi-factor authentication. You will then be connected to GlobalProtect.
- To disconnect, click the GlobalProtect icon again, then click Disconnect.
- If you are not seeing the Global Protect icon in your menu bar, there is a CLI command to bring it up:
- On the terminal prompt, enter "globalprotect launch-ui" (NOTE: It may take longer than expected to see the Online Passport page to appear in the next step)
- This will bring up the windows above
- You can use this if you need to connect and don't see the icon, or to bring up the icon when you need to disconnect.