GlobalProtect VPN client

Your VPN enables a secure connection between your computer and resources on your Relativity instance's network. The following resources are available when you connect to the GlobalProtect VPN client:

This page contains the following information:

GlobalProtect VPN requirements

Local machine requirements

Consider the following:

  • Refer to the GlobalProtect compatibility matrix to ensure that the VPN client is compatible with your operating system.
  • For RelativityOne, you should be using GlobalProtect 4.1 and above.
  • The VPN software (Global Protect) must be installed locally, which needs to be done under a "Local Administrator" account. It is possible to install GlobalProtect with group policy as an active directory admin.
  • Note: Without local administrator, or the ability to install via group policy, you will be unable to install the GlobalProtect client.

Port requirements

The following ports must be opened on user machines and/or firewalls for the GlobalProtect VPN to use when accessing file data in RelativityOne.

Destination Port Protocol Description
443 TCP Used for communication between GlobalProtect agents and portals, or GlobalProtect agents and gateways and for SSL tunnel connections. GlobalProtect gateways also use this port to collect host information from GlobalProtect agents and perform host information profile (HIP) checks.
4501 UDP Used for IPSec tunnel connections between GlobalProtect agents and gateways.

See RelativityOne network access in the RelativityOne technical overview. for complete information on network access requirements.

Current VPN portal URL

There are different geographic data centers that your Relativity instance may reside in. Enter the VPN portal URL as it appears below.

All VPN portal URL are formatted as vpn.[regional domain].relativity.one

Azure Region VPN Portal URL
US-Central vpn.ctus.relativity.one
US-East vpn.esus.relativity.one
Canada-Central vpn.cact.relativity.one
UK-South vpn.ukso.relativity.one
Asia-East vpn.esas.relativity.one
Brazil-South vpn.brso.relativity.one
Europe-West vpn.wseu.relativity.one
Australia-East vpn.auea.relativity.one
Sandboxes (optional)

vpn.ctussbx.relativity.one

Installing the GlobalProtect VPN client

Note: Your VPN connection is typically created during the onboarding process for RelativityOne. If you have questions, please contact your designated Customer Success Manager.

Resetting your password

To reset your initial temporary password, reset your expiring or expired passwords, or to change your password, access https://login.microsoftonline.com. From there, you can access your account settings in the upper right menu, and then change your password. If the password has already expired, you will be prompted to change it. When you reset your VPN password, the password will be active for 90 days before it expires and you must reset it again.

Note: After resetting your password, you must wait 30 minutes before attempting to log in with your reset password.

Note: If you are already logged into Microsoft at your organization, you may need to open a private browsing window in your internet browser (Incognito, InPrivate, etc.), and access https://login.microsoftonline.com from there. If you do not do this, you will not be prompted to reset your temporary password or may receive an error when you try to log out and then log back in.

Downloading and installing the GlobalProtect VPN client

After receiving your temporary password, navigate to https://login.microsoftonline.com to reset it. Your login is in the following format: firstname.lastname@vpn.relativity.one.

Note: After resetting your password, you must wait 30 minutes before attempting to log in with your reset password.

  1. Navigate to the portal for the geographic region you use RelativityOne in. The correct portal address for you to use can be found in the credentials file e-mailed to you when your user was created. For example, North America/Central US would be https://vpn.ctus.relativity.one.
  2. Enter your username (i.e., firstname.lastname@vpn.relativity.one) and updated password. Ensure you have changed the temporary password (https://login.microsoftonline.com).
  1. Once you are logged in, download the appropriate VPN client to your computer.
  2. Install the GlobalProtect VPN client you just downloaded. Follow the default prompts.

Note: You must have local admin rights to install the VPN client. If you are not a local admin, contact your IT department to install it via Group Policy. Instructions for installing the client via Group Policy are found at https://live.paloaltonetworks.com/t5/Management-Articles/Using-Active-Directory-GPO-to-Install-the-GlobalProtect-Client/ta-p/61120.

Note: If you are using macOS and are unable to use GlobalProtect after installing, review the General tab in your Security and Privacy settings and ensure that system software from PanGPS is not blocked from loading.

Note: To download and re-install the VPN client (e.g., if you get a new computer), follow the instructions above, but skip the steps related to resetting your password.

Logging in using your GlobalProtect VPN client

  1. After installing the VPN client, the GlobalProtect toolbar menu will open. If it doesn't open automatically, you can search for GlobalProtect in the bottom left-hand search bar to open it.
  1. Click the gear icon in the upper right-hand corner of the toolbar menu, and then select Settings to access the Settings dialog window and configure the VPN client.
  2. Under the General tab, click the Add button to add the RelativityOne Portal Address.
  3. Note: Ensure you enter the correct portal (this depends on which geographic region your RelativityOne instance resides in). You should not enter the "http://" preceding the portal address.

  1. Click Save.
  2. Close the Settings dialog.
  3. Click on the GlobalProtect Icon in your tray, and then click the blue Connect button.
  4. A prompt for your VPN user credentials displays.

  1. Enter your VPN user credentials.
  2. Note: The username is in the format firstname.lastname@vpn.relativity.one. Enter the password you created earlier during the password reset.

    A window will display momentarily while you are connected to the VPN.

  1. To check your connection status, you can view the GlobalProtect icon in your system tray. When connected, it will look like the following image.

    Note: You can click the gear icon, then select Settings to launch the Settings dialog which also shows your connection status. You can perform troubleshooting from this window.

Adding a secondary VPN region to GlobalProtect

This guide will show you how to connect to RelativityOne in a non-US region. If you need Utility Server details, please contact your Customer Success Manager.

To add a secondary VPN region to your client:

  1. Search for GlobalProtect icon in the taskbar to open it.
  1. Click the gear icon in the upper right-hand corner of the toolbar menu, and then select Settings to access the Settings dialog window.
  2. Under the General tab, click the Add button to add the new RelativityOne portal URL in Portal Address.
  1. Click Save.
  2. Close the Settings dialog.
  3. Click on the GlobalProtect Icon in your tray.
  4. Select the newly added Portal from the drop-down menu on the GlobalProtect connection screen.
  1. Click the blue Connect button.
  2. A prompt for your VPN user credentials displays.

  1. Enter your VPN user credentials.
  2. Note: The username is in the format firstname.lastname@vpn.relativity.one.

    A window will display momentarily while you are connected to the VPN for the new URL.