GlobalProtect Logo With Virtual Private Network (VPN), staff and students can make secure connection from their home computers or mobile devices to the campus network over the Internet. Data transmitted via VPN connection are encrypted. Users can access certain restricted IT services such as DMS, AirWatch Private Cloud Storage and etc, use SPSS, and make connection to some central network servers using SFTP client software outside the campus.

The “Palo Alto GlobalProtect” technology (GlobalProtect VPN) was launched in September 2014. The GlobalProtect VPN requires users to install the GlobalProtect software on their device(s). It then establishes a virtual tunnel to the campus network with authentication using the user’s EdUHK network account and password. For security reasons, the GlobalProtect VPN client software should NOT be used on public computers. Please install and use the software only on computers protected with up-to-date anti-virus software and firewall protection.

VPN Network Diagram

Using GlobalProtect VPN

1. Client Software for Windows and Mac

Desktop computer or notebook users please visit to download and install the “GlobalProtect” client software.

Supported systems:
  • Microsoft Windows 7, 8.1, and 10 - (Download Windows 32 bit / Windows 64 bit / ARM Based CPU GlobalProtect agent v5.x)
  • Apple Mac OS X 10.11 and later - (Download Mac 32/64 bit GlobalProtect agent version 5.x) *(Please right click the link and choose "save link as")
  • Apple Mac OS X 10.10 and earlier - (Download Mac 32/64 bit GlobalProtect agent version 3.x) *(Please right click the link and choose "save link as")
  • Linux (Support CentOS 7, Red Hat Enterprise Linux (RHEL) 7/Ubuntu 14.04 and later releases) - (Download the GlobalProtect app for Linux .)

Note: For details, please visit Palo Alto Networks® Compatibility Matrix

Please refer to the following user guides for more information.

2. Native Apps for Mobile devices

Mobile device users can install “GlobalProtect” app available on Apple App Store (iOS) or Google Play Store (Android).

Supported systems:
  • Android 5.0 and later Google Play Store
  • Apple iOS 12 and later Apple App Store

Please refer to the following user guides for more information on making VPN connection using the respective mobile apps:

Tips and best practice on using GlobalProtect VPN

  1. The VPN connection is based on the Internet connection of your device to set up a tunnel back to HK. User are recommended to use a fast and reliable connection to enjoy good VPN experience. After the VPN is connected, you could test the network speed by using "" which could measure the network throughout. Anything over 10Mbps is good.
  2. Mobile network on mobile devices are not designed for long connection, such as, Zoom meeting which requires higher bandwidth and reliable connection throughout the session.
  3. VPN redirect all the traffic to HK through VPN gateway. If you are in mainland and you just want to access the public web sites in mainland, don’t use VPN as all the traffic will go to HK and back to mainland which introduce unnecessary delay.
  4. VPN usage might be affected by the “Great Firewall” in mainland and the restriction imposed might change from time to time and from location to location.

Note: VPN connection ceases automatically every 8 hours. The time out for idle sessions is 4 hours.

If you enter gateway error connecting to the VPN as below, please download the "Sectigo Certificate" at here and install on your system.
VPN Gateway Error