This document outlines the process to connect to the Palo Alto 2factor VPN using the Palo Alto GlobalProtect VPN client.
This document is specific to the 2factor VPN service that uses Palo Alto GlobalProtect. 2factor VPN is used to access ERP resources and is not the same as WiscVPN or Departmenal VPN. If you are uncertain if you should use 2factor VPN, please contact the DoIT Help Desk.
Note: If your machine is managed by Departmental Support, your machine should already have the Palo Alto GlobalProtect VPN client.
Connecting to the VPN
- Unless you have been informed that you are already authorized to connect to the Palo Alto 2factor VPN, you will first need to request and be granted access to it. See 2factor VPN - Request Access to Palo Alto GlobalProtect VPN.
- Open the Palo Alto GlobalProtect client; if GlobalProtect is already running and disconnected, right-click the icon in the bottom-right toolbar (Windows) or the top-right menu bar (Mac) and click Show Panel
- On the GlobalProtect Home screen, enter the VPN address in the Portal box. The following 2factor VPN connections are available (but each requires individual authorization):
- Enter your NetID in the Username field
- Enter your NetID password in the Password field, then click Connect
- A new window will pop up asking for your security code; enter your 6-digit OTP code from your Symantec VIP token and click OK
- Once connected, you will see a confirmation window that you may close
- To disconnect from the VPN, right click the icon in the bottom-right toolbar (Windows) or the top-right menu bar (Mac) and click Disconnect
Note: If you connected to another VPN (such as WiscVPN or a Departmental VPN), you will need to disconnect from the other client prior to establishing a connection with the GlobalProtect Client. If you attempt to connect without disconnecting other VPNs, it will either fail to connect, or fail to function properly if you are able to connect.