This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
About Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.

Discussions

Start a conversation

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2628 Views
  • 0 replies
  • 1 Likes

PAC File for Prisma Access China

Hi, Currently deploying Prisma Access China. No service connection license, hence, PANW on-prem FW is added as External Gateway. I have enabled and configured PAC file. I'm expecting that internet traffic will pass through Prisma Access but upon checking, it passes through on-prem firewall (checked by using ipchicken.com). I have attached the ...

IBalaro by L1 Bithead
  • 183 Views
  • 2 replies
  • 0 Likes

Palo-hosted EDL empty when using certificate profile

Hi Guys, I can’t use my SaaS EDLs in Prisma. It works fine on-prem, but in Prisma the list contains 0.0.0.0/0 entry. When I remove certificate profile, it work well. I configured decryption exclusion for Prisma Infra subnet as I had decryption errors for Palo SaaS URL. i did not configure any security policy from infra subnet to internet (bu...

Prisma Access (SWG):- Need to give access of Github's specific repositories to specific prisma access users

I have a specific use case requiring granular access control for GitHub repositories through Prisma Access. We need to restrict specific users to a defined subset of repositories (e.g., ://github.com*) while ensuring all other GitHub resources remain inaccessible. This is to ensure we are following the Principle of Least Privilege for our extern...

PRISMA Access Intrazone Default - As a firewall engineer this rule gives me the creeps

Quick on for all you PRISMA SASE heads out there. Finally getting stability on macOS (god bless GP version 6.2.3) . Now it's time to harden up a little bit - easy to do with a firewall I manage but not sure of the ramification on PRISMA. So,, Intrazone-Default is allowed by default and it get some farily nasty attacks on the untrust to unstr...

Cross border connectivity option(Prisma Access China)

Attention: JAPAC TPM teamHello Team, When integrating Prisma Access China with Prisma Access Global,my understanding is that one of the following options is required:-Cross Border Line (CBL)-Premium Internet (PI) We are considering Cross Border Line (CBL), but does the availability of a whitelist service determine whether international inter...

y.saitou by L3 Networker
  • 7020 Views
  • 3 replies
  • 0 Likes

Prisma Browser with E-DLP configure OCR

Hello Team, I'm currently testing with Prisma Browser Standalone with an Eval license. I want to enable OCR settings in E-DLP and test them, but I don't see the OCR setting in the Detection method. Is this because my account was issued through Eval? I confirmed in the documentation that OCR is available in PB. Referred to Link : https://docs...

Prisma Access Service Connection to Palo Alto FW in HA-AA

Hi, We were able to make the tunnels up under 1 Service Connection (with 2 tunnels, primary and secondary) in Prisma Access and 2 tunnels in Palo Alto FW with Active-Active HA setup. If both tunnels are up, loopback IP in FW1 is accessible from GP user. But when the primary went down and secondary tunnel is still up, GP user in unable to reach...

IBalaro by L1 Bithead
  • 596 Views
  • 1 replies
  • 0 Likes

Prisma Access Explicit Proxy — Anti‑Spyware behavior when DNS bypasses Prisma (logging subtype + test methodology)

Attention: JAPAC TPM TeamHello Team, I have a question about the Anti-Spyware profile behavior in a Prisma Access (Explicit Proxy) environment. Scenario- Clients use Explicit Proxy to reach Prisma Access for web traffic.- DNS resolution does not traverse Prisma Access (it is resolved by a local resolver / another path).- An Anti-Spyware prof...

Imas4to by L1 Bithead
  • 593 Views
  • 0 replies
  • 0 Likes

China mainland Mobile users questions

Hi expert, If we do not have Prisma Access China license, but still want to connect China mainland mobile users to closed MU-SPN overseas, say Japan pop. If this will be blocked by Greate FW, and if it is, if any workaround. Also, can connect to the overseas SC and then send traffic to Prisma Access Cloud ? If can do that, how to achieve it. ...

PAB Stuck while installation

I’m working on a Windows machine and have already tried every possible troubleshooting step I could think of, but unfortunately I haven’t had any success. I raised a support ticket, but so far there’s been no response, which has been a disappointing experience. If anyone in the community can guide me on an easier way to reach support or suggest ...

Error when calling “Get number of users at location(s)” API in Prisma SASE Aggregate Monitoring APIs

Attention: JAPAC TPM TeamHello Team, I am testing the Prisma SASE Aggregate Monitoring APIs(https://pan.dev/sase/api/mt-monitor/) and encountered an issue. When calling the “Get number of users at location(s)” endpoint:https://api.sase.paloaltonetworks.com/mt/monitor/v1/agg/locationsUsersusing the “User Count across Locations” operation, I co...

Imas4to by L1 Bithead
  • 721 Views
  • 1 replies
  • 0 Likes

Prisma Access CIE and User-ID mapping not working for groups

Hi, all, thanks in advance for any help about an issue we are facing with User-ID agent on on-prem and EntraID with CIE integration.Let me explain our topology a bit deeper: On the one hand, we have a Remote Network with some Windows servers without GP or Prisma Access agent. We use User-ID agent for username-to-IP mapping. This is sent to loc...

Unable to establish tunnel during Service Connection configuration (Details Added with Screenshot)

Dear Community Expert Team, This my first post in Community. I really enjoy the Palo Alto Prisma Access SASE. Find the below details: Before I am going to production configuration I plan to test in my LAB environment for multiple of POC. Requirement: Service Connection configuration Setup: Palo Alto NGFW hosted in GCP (Google Cloud Plat...

chinmayanaik_0-1768299362753.png
chinmayanaik_1-1768299362754.png
chinmayanaik_2-1768299362758.png
chinmayanaik_3-1768299362759.png
  • 386 Posts
  • 79 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks