On this page:
The Prisma Access VPN provides a secure connection between your computing device and the cloud VPN gateway using the GlobalProtect VPN client, helping provide a level of privacy and security for your computing activities as well as the ability to access protected resources on MITnet that are only accessible from devices on MITnet.
As the new VPN service is a cloud-based solution, it provides the ability to rapidly scale VPN capacity to meet the MIT community’s needs, better supports MIT’s hybrid cloud computing environment, and offers a consistent, secure experience regardless of your location.
Your IP address will appear to be an MITnet address (18.30.128.x or 18.28.128.y) to MITnet sites and services. It will appear to be a Prisma Access IP address to sites and services that are not on MITnet. This allows for better connectivity to sites not on MITnet because your internet traffic is not required to pass through MITnet and can be routed more directly. It also allows the service to scale up more quickly as demand increases.
You can see this in the Connection tab in Settings in your GlobalConnect client. The following is an example connecting through the US East gateway.
For more, see: Why doesn't GlobalProtect VPN show public MIT IP addresses?
Download and install the app for your device:
- Windows, MacOS and Linux: IS&T Software Download Prisma Access VPN Client
- iOS: Apple Store
- Android: Google Play Store
You may need to enter your local administrator password and/or update some security settings to allow software developed by "Palo Alto Networks" to install on your device.
You do not need to uninstall your Cisco AnyConnect client, but you cannot use AnyConnect any longer.
Portal Address: gpvpn.mit.edu
- I'm trying to test the VPN while on campus from the MIT Secure, MIT, or wired network. It gets stuck connecting, or if left long enough, will provide a "matching client config not found" error. Why won't it work?
The VPN is intended to be used when off campus. To test your VPN configuration, connect to a non-MIT network, then try connecting to the VPN.
- How do I print to my local printer when connected to the VPN?
LAN (local area network) access is enabled by default. You should be able to print to your local printer without taking any additional action.
- Does LAN (local area network) access being on by default mean I can connect to local speakers, projectors and other devices on my network while being connected to the VPN?
Yes, you should be able to reach anything on your local network when connected to the VPN that you could when not connected to the VPN.
- In MacOS should I set the GlobalProtect app to be a login item that starts automatically?
No. The GlobalProtect app will automatically start upon login and the globe icon will appear in your menubar. You can then click on the globe icon and connect. If you set GlobalProtect as a login item, it will try to start a second time and throw repeated error messages about there already being an instance running.
- How do I access library services that aren't on MITnet from off campus?
Use the MIT Libraries Libproxy service to authenticate. See: MIT Libraries: Connect from on and Off Campus: Manually edit the URL of a web resource to be authenticated through MIT’s Touchstone.
- Is there an idle timeout for GlobalProtect if my computer sits idle for an extended period of time?
Yes, the Inactivity Timeout is set to 3 hours.
- Error Message: Mac OS X - Identity of developer cannot be confirmed
- Error Message: GlobalProtect app can't be opened because it was not downloaded from the App Store
- How do I uninstall the Prisma Access VPN on MacOS?
- On my Android phone, why do I get a notification that the MIT Prisma Access VPN is always on? Can I turn it off?
- I'm on Windows and getting the error:
PanGPS.exe - System Error
The code execution cannot proceed because mfc120.dll was not found. Reinstalling the program may fix this problem.
Install Microsoft Visual C++ runtime components and try again.
- Contact the IS&T Service Desk
|Additional escalation information for Help Staff can be found here: [Prisma Access VPN Recon].