Prisma Access Service Connection to Palo Alto FW in HA-AA

Hi,

We were able to make the tunnels up under 1 Service Connection (with 2 tunnels, primary and secondary) in Prisma Access and 2 tunnels in Palo Alto FW with Active-Active HA setup. If both tunnels are up, loopback IP in FW1 is accessible from GP

Prisma Access Explicit Proxy — Anti‑Spyware behavior when DNS bypasses Prisma (logging subtype + test methodology)

Attention: JAPAC TPM Team
Hello Team,

I have a question about the Anti-Spyware profile behavior in a Prisma Access (Explicit Proxy) environment.

Scenario
- Clients use Explicit Proxy to reach Prisma Access for web traffic.
- DNS resolution does not

China mainland Mobile users questions

Hi expert,

If we do not have Prisma Access China license, but still want to connect China mainland mobile users to closed MU-SPN overseas, say Japan pop. If this will be blocked by Greate FW, and if it is, if any workaround. 

Also, can connect to t

PAB Stuck while installation

I’m working on a Windows machine and have already tried every possible troubleshooting step I could think of, but unfortunately I haven’t had any success. I raised a support ticket, but so far there’s been no response, which has been a disappointing

Prisma Access Mobile user enforcement for mac-os

Hi expert,

Any one implemented the prisma access enforcement for mobile users GP, Looks it works for windows PC but not not working well for Mac-OS.

Any idea?

Thanks in advance!

Error when calling “Get number of users at location(s)” API in Prisma SASE Aggregate Monitoring APIs

Attention: JAPAC TPM Team
Hello Team,

PRISMA Access Intrazone Default - As a firewall engineer this rule gives me the creeps

Quick on for all you PRISMA SASE heads out there. 

Finally getting stability on macOS (god bless GP version 6.2.3) . 

Now it's time to harden up a little bit - easy to do with a firewall I manage but not sure of the ramification on PRISMA. 

So,, Intr

Prisma Access CIE and User-ID mapping not working for groups

Hi, all,

thanks in advance for any help about an issue we are facing with User-ID agent on on-prem and EntraID with CIE integration.Let me explain our topology a bit deeper:

On the one hand, we have a Remote Network with some Windows servers withou

Unable to establish tunnel during Service Connection configuration (Details Added with Screenshot)

Dear Community Expert Team,

This my first post in Community.

I really enjoy the Palo Alto Prisma Access SASE.

Find the below details:

Before I am going to production configuration I plan to test in my LAB environment for multiple of POC.

Requ

GloablProtect + Explicit Proxy blocks WSL traffic.

Hello everyone,

We’re facing an issue with WSL2 where traffic from WSL is unable to route to Prisma when GlobalProtect (GP) is running on the host Windows machine with an explicit proxy.

Environment / Setup
GlobalProtect enabled with Explicit Proxy
P

Prisma Access with ECMP

Hi Everyone,

We are trying to troubleshoot an issue where enabling ECMP on the Virtual Router breaks Prisma Access. We have 3 circuits configured (see pic) to load balance internet traffic. This firewall is also a service connection back to Prisma.

Prisma Browser conditional access issue with outlook app

Hello all, I'm facing an issue after trying to enable conditional access policy on Azure entra id in order to prevent the use of other browser except from Prisma Browser. Although the conditional access works for all the applications (SharePoint, in

New global protect install for Windows x64 v6.3.3c828 has broken MSI

Hi,

We have just downloaded the latest GP for Windows x64 v6.3.3c828. The MSI properties indicate that the product code is {B316DC7F-EB20-4A36-AA0A-96099FA142DB} however when it installs it installs as the previous version product code {CD809CD6-9D01