VPN Overview

This article is an overview for faculty and staff when using the campus Virtual Private Network (VPN) service GlobalProtect.

What is GlobalProtect?

It is a software agent that that extends the protection of a corporate perimeter to remote user laptops thereby applying all the same policies and protections to remote users.

Types of Tunnel (Portal Management System)
GlobalProtect - Full Tunnel (gpft)

Selecting GlobalProtect - Full Tunnel (gpft) results in ALL of your network traffic being routed through the VPN tunnel.

  • This includes traffic to the campus and the Internet.  
  • This include emails, browsers, etc., regardless of where the data is going to or coming from.  

This is the most secure way of keeping your data secure and preventing others from listening to your traffic.

Reasons to use GlobalProtect - Full Tunnel (gpft):

  • It is recommended that you select GlobalProtect - Full Tunnel anytime you are connected to an “Untrusted” (i.e.) public network.

Examples of "Untrusted" networks include, but are not limited to airports, restaurants, hotels, traveling overseas, etc.

GlobalProtect - Split Tunnel (gpst)

Selecting GlobalProtect - Split Tunnel (gpst) results in Only of network traffic to .fullerton being routed through the VPN tunnel.

  • All other traffic is routed directly to the Internet and does not pass through the VPN tunnel.

Reasons to use GlobalProtect - Split Tunnel (gpst):

  • Use GlobalProtect - Split Tunnel when you are connected to a “Trusted” network and you need access to local campus resources (ex: printers, file shares, etc).

Examples of "Trusted" networks include, but are not limited to, your home network, campus networks, etc.

Remember to access any campus data you will need to have that data encrypted.

GlobalProtect Supported Operating Systems
Windows
Mac
Android
  • Windows 10
  • Mac OS X any version
  • Android 5 and higher
  • Windows Server 2008
IOS
Chrome
  • Windows Server 2012
  • IOS 10.2 and higher
  • Google Chrome
  • Windows Server 2016


To use the campus VPN, What Must I Install?
1. To use the campus VPN, or to go online in a secure environment off-campus, you must install:
  1. DUO - a 2-Factor authentication tool.
  2. GlobalProtect - the VPN agent.  This must be installed on local system.

For this purpose of this document we will define local system and remote system as the following:

  • a local system is typically a system (computer) controlling the connection.
    • i.e. your personal (home) workstation, mobile device, or browser can have the GlobalProtect VPN agent installed on it
  • a remote system is typically a system (computer) being accessed.
    • i.e.  your office workstation or campus resources are items that can be accessed through the GlobalProtect VPN agent
2. To use VPN to remotely connect to your campus Windows Desktop, you must install:
  1. DUO - a 2-Factor authentication tool.
  2. Remote Desktop - must be enabled on the remote system (Windows) in your office;
  3. GlobalProtect - the VPN agent.   This must be installed on your (local) client system; and
  4. Remote Desktop app - must be installed on the local system (Windows or Mac).

For this purpose of this document we will define local system and remote system as the following:

  • a local system is typically a system (computer) controlling the connection.
    • i.e. your personal (home) workstation, mobile device, or browser can have the GlobalProtect VPN agent installed on it
  • a remote system is typically a system (computer) being accessed.
    • i.e.  your office workstation or campus resources are items that can be accessed through the GlobalProtect VPN agent

Currently, connections for the Remote Desktop application are PC to PC and Mac to PC.

Remote Desktop is NOT SUPPORTED for Mac to Mac or PC to Mac!

3. To use VPN to access secure campus resources , you must install:

Use the campus VPN to remotely access campus applications, resources, websites and servers which require a secure connection.  

  1. DUO - a 2-Factor authentication tool.  This must be installed on your mobile device; and
  2. GlobalProtect - the VPN agent. This must be installed on the local system.

For this purpose of this document we will define local system and remote system as the following:

  • a local system is typically a system (computer) controlling the connection.
    • i.e. your personal (home) workstation, mobile device, or browser can have the GlobalProtect VPN agent installed on it
  • a remote system is typically a system (computer) being accessed.
    • i.e.  your office workstation or campus resources are items that can be accessed through the GlobalProtect VPN agent

Any additional information or resources needed to access your desired connect will need to be provided to you by the owner of the application or resource.

FAQ:   About the campus VPN
1. Do I need to use the campus VPN when I use Titan Online?

It depends. Based on the level of secure data you access and your location,

  • NO, VPN access is not required if you are on campus.
  • YES, VPN access is required if you are off-campus trying to access:
    1. secure campus resources
    2. a campus workstation
2. Do I need to use my personal cell phone if I haven't been issues a campus phone in order to authenticate with DUO and use the VPN?

No. Contact the Help Desk at helpdesk@fullerton.edu or 657-278-7777 to obtain a "keychain fob" that you can use with Duo to access VPN.

Need More Help?

Contact the IT Help Desk at helpdesk@fullerton.edu or 657-278-7777 for additional assistance.