Configuring the ssl vpn global protect, Configuring the security zone – HID Palo Alto Networks and ActivID AS User Manual

ActivID Appliance RADIUS and Palo Alto Networks Integration | RADIUS Channel Integration Handbook

External Release | © 2014 HID Global Corporation/ASSA ABLOY AB. All rights reserved.

Page | 7

2.3

Configuring the SSL VPN Global Protect

You must configure the SSL connection and related attributes in order utilize the GlobalProtect functionality:

• Portal - Palo Alto Networks firewall that provides centralized management for the GlobalProtect system.
• Gateways - Palo Alto Networks firewalls that provide security enforcement for traffic from GlobalProtect

agents.

The following sections describe the steps for the attributes that must be configured:

2.3.1 Configuring the Security Zone

A security zone identifies one or more sources or destination interfaces on the firewall. When you define a
security policy rule, you must specify the source and destination security zones of the traffic.

In our example, we have created “layer 3” zone named “VPN SSL” in order to identify traffic come from
VPN SSL users.

1. To create this zone, click on the tab Network.

2. From the left pane, click Zones.

3. Click Add to add a new zone.

4. Enter a Name for the zone.