Table of Contents
Complete documentation can be found at Prisma Access. This article is aimed at providing quick access to the most commonly used information. It is highly recommended that you read the Prisma Access Admin Guide and Cortex Data Lake Admin Guide.
Register Panorama in HA with Prisma Access
Active Prisma Acess License on Panorama
Procedure To Check The Commit Failure Reason On Prisma Access Firewall
Forward Logs to Cortex Data Lake
Bulk configuration of Remote Networks - Onboard Remote Networks with Configuration Import
Minimum bandwidth requirements for multitenant
List of Prisma Access Locations
Prisma Access Known Issues
Common Troubleshooting Scenario
Panorama Connectivity Issues To Prisma: OTP Errors
Firewall Unable To Register To Cortex Data Lake
IKE Gateway Commit Failure: Peer Gateway ID Must Be Defined
NOTE: If you run into an error or situation that needs help, please post in comments, we will try updating the document with troubleshooting steps. You may also start a topic in the Prisma Access discussion forum.
When configuring the remote network or service connection the commit fails:
Commit fails on cloud
RN or SN fails to spin up on cloud even after 10 min
Please verify the commit failure reason matches the one discussed in the article. Procedure to check the commit failure reason on Prisma Access firewall
Check the IKE Gateway configuration for the gateway you see commit failure. Verify Commit Status
Configuration Errors:IKEv1 gateway <gw_name> peer gateway ID must be defined when peer address is dynamic.(Module: ikemgr)
Verify the peer IP type is dynamic
When the dynamic IP is selected, we do not know the Public IP from which the peer is connecting. IPSec would require authenticating the peer. Due to this reason, we need identification information to be defined under "Local Identification" and "Peer Identification."
Once the identification is configured, commit and push from Panorama.