- Jamf Nation Community
- Products
- Jamf Pro
- Re: How to restart the global protect VPN agent.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How to restart the global protect VPN agent.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-26-2016 04:20 AM
So we use the Global Protect client for our vpn. One of the issues we have with this is that the thing seems to loose the ability to reconnect after being constantly suspended or put to sleep by our laptop users.
Its not enough to kill the process to get it running again, you have to unload and reload the daemons to get it running again.
One of the Devops guys (Scott) I work with made this little script to do just that;
!/bin/bash
echo "Stopping GlobalProtect..." launchctl remove com.paloaltonetworks.gp.pangps launchctl remove com.paloaltonetworks.gp.pangpa echo "Done!"
echo "Starting GlobalProtect..." launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangpa.plist launchctl load /Library/LaunchAgents/com.paloaltonetworks.gp.pangps.plist echo "Done!"
exit 0
Hope it helps someone out there.
Labels:
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-26-2016 04:53 AM
Hi,
Just to warn you, this launchctl commands you're using are marked as "legacy" now. They'll work on Sierra currently, but not forever. Have a look at the man page for more details.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-26-2016 07:03 AM
Thanks!
Thats always good to know!
I'll be sure to look into the new way apple are gonna make me do this!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-20-2018 06:56 AM
@CypherCookie, Good Morning,
We have moved to Global Protect in our college environment. I apologize for asking this but what is the process to download the AD certificate on the mac automatically which in our environment gets switched out on a regular basis? Before this, we were using Cisco VPN and it was just an install that we used for a long time. At this point, they switched off Cisco and I currently have no VPN access but need it to manage our Macs. Currently, I have the MacBook in the AD, the Global Protect software installed on the MacBook and need to figure out how to get the certificate to download from AD regularly.
Thank you for your time in this matter. Have a very great day!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-21-2018 02:16 PM
Hi @skinford the certificate is deployed by the SCEP server which we set up before the vpn goes live. To get that working, the certificate was pre-installed via a secure build lan connection which has a direct connection with the JSS & SCEP server.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-28-2018 10:35 AM
Thanks @CypherCookie I think we need to install a Casper plugin for that, but before that our servers need to be Windows 2016, we're still on 2012 and not sure they're moving up yet for us, so I'm sort of stuck in stall mode for the time being.
Appreciate the assistance, have a very great day today!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-18-2018 12:57 AM
pretty sure there is no plugin to be configured. You just point to the server you want in the config profile and it should do the authentication for the user.
side note : user accounts need to be mdm enabled to get the profiles working as they are a per user profile not device.
