Sometimes, you have to install the PAM Client on workstations not having internet access due to internal security restrictions or other policies.
From where can PAM Client be download?
Any workstation supported by the PAM client, see page Supported Environments, using the version dropdown list to select your PAM server version.
By default the PAM client download links point to files in the cloud. If the workstation doesn't have direct internet access, these download links will not work.
The public location of the PAM client installer files is https://d21oi5tjuccwe.cloudfront.net. Accessing that link directly from a host with internet access will give a list of files available for download. One way is to get the file downloaded on a node with internet access and then transfer the installer file to a location accessible from the intranet.
Alternatively, the PAM administrator can setup a private CA Delivery Network (CDN) in their local intranet environment following instructions on documentation page Use a Private Delivery Network to Distribute the Client Installer. This will require the PAM admin to download the files of interest from the cloud. Once this delivery network is configured, when a user accesses the PAM login page with a browser and downloads the PAM client installer, it will be retrieved from the CDN rather than the cloud.
Sample generic public download URLs:
https://d21oi5tjuccwe.cloudfront.net/ca-pam/install/win/CAPAMClientInstall_Vx.x.x.exe (windows installer)
https://d21oi5tjuccwe.cloudfront.net/ca-pam/install/mac/CAPAMClientInstall_Vx.x.x.zip (Mac OS installer)
https://d21oi5tjuccwe.cloudfront.net/ca-pam/install/linux64/CAPAMClientInstall_Vx.x.x.bin (Linux installer)
Example URL with the version number (replace x.x.x with the version number of CA PAM, if the version of CA PAM is a major build number, then the link will be x.x.exe the third x is not required)
https://d21oi5tjuccwe.cloudfront.net/ca-pam/install/win/CAPAMClientInstall_V4.1.6.exe (windows installer), similarly use the specific OS URL as per the OS the CA PAM client is required to be deployed upon.
Note that the PAM client upgrades or downgrades itself dynamically once connected to a specific PAM server/release. Therefore you do not have to install the PAM client version matching the PAM server release. This upgrade/downgrade does NOT require internet access.
Platform-specific installation instructions are found on page Deploy the PAM Client.