gpclient

Connect to a GlobalProtect VPN using a portal server

$ gpclient connect [vpn_gateway_url]

$ gpclient disconnect

$ gpclient launch-gui

$ gpclient connect --fix-openssl [vpn_gateway_url]

$ gpclient connect --ignore-tls-errors [vpn_gateway_url]

$ gpclient --version

$ gpclient help [command]

gpclient command [options]

gpclient is a Linux client for Palo Alto Networks GlobalProtect VPN, built on top of OpenConnect. It provides both command-line and graphical interfaces for connecting to corporate VPN gateways that use GlobalProtect.
The client supports SAML authentication, two-factor authentication, and both portal and gateway connections. It is an open-source alternative to the official GlobalProtect client, which has limited Linux support.

connect URL

Connect to GlobalProtect VPN gateway

Disconnect from current VPN session

Open graphical interface

Apply workaround for OpenSSL legacy renegotiation

Skip TLS certificate validation

Specify gateway URL directly

Specify username for authentication

Requires OpenConnect with GlobalProtect support. Some authentication methods (like hardware tokens) may have limited support. The --ignore-tls-errors option should only be used for testing as it bypasses security.

gpclient (GlobalProtect-openconnect) was created as an open-source solution for Linux users needing to connect to GlobalProtect VPNs. It leverages OpenConnect's GlobalProtect protocol support, which was added in OpenConnect 8.0.

openconnect(8), openvpn(8), nmcli(1)