LSVPN Overview

• GlobalProtect Portal—Provides the management functions for your GlobalProtect LSVPN infrastructure. Every satellite that participates in the GlobalProtect LSVPN receives configuration information from the portal, including configuration information to enable the satellites (the spokes) to connect to the gateways (the hubs). You configure the portal on an interface on any Palo Alto Networks Next-Generation Firewall.
• GlobalProtect Gateways—A Palo Alto Networks firewall that provides the tunnel endpoint for satellite connections. The Satellites access resources that you protect using Security policy rules on the gateway. It isn’t required to have a separate portal and gateway; a single firewall can function both as portal and gateway.
• GlobalProtect Satellite—A Palo Alto Networks firewall at a remote site that establishes IPSec tunnels with one or more gateways at your corporate office(s) for secure access to centralized resources. Configuration on the satellite firewall is minimal, enabling you to scale your VPN quickly and easily as you add new sites.