Prisma Access Discussions

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Regarding the selection of the MU-SPN connection destination

Attention: JAPAC TPM team
Hello Team,

When IP Optimization is disabled and there are multiple MU-SPNs in a single compute location,
how is the MU-SPN to be connected to selected?

I understand that it connects to the one that is physically close and

...

Resolved! Please tell me about the DNS server address that is dynamically set when connecting to Global Protect.

Attention: JAPAC TPM team
Hello Team,

If you run ipconfig /all after connecting to GlobalProtect, the DNS server entry will show an IP address in the same segment as the device's IP address.

-I understand that this DNS server is the IP address used

...

GP agent as user to ip mapping method for Prisma remote network

Is it possible to use GP as user to ip mapping method for Prisma remote network?

I cannot see GP portal/gateway configuration buttons (they are looks not active -greyed out) on Remote Network template (Prisma Access managed by Panorama) this settings

...

Time Zone Issues with Prisma Global Protect

Been having issues with users computers changing timezones when connected to prisma access, I am not sure why this is happening. I assume its connecting to different gateways because "best available" is used. Any ideas where to look to see whats goin

...

Service Connection Redundancy

Hi Team,

I know that we can Redudanant the Service Connection witht 2 ISP with 2 Tunnels

but i want some information we know we have 2 tunnel so if our one tunnel is down another will up

but but what about Service Connection itself e.g i have

...

BGP

i am activated BGP in service connection, but why in BGP status is Not Enabled, while in Monitor > Data Center BGP Status is UP.?

Resolved! About MU-SPN behavior when IP Optimization function is enabled

For RN and SC, the IP address assigned from the service infrastructure IP is set as the loopback address, but
when IP Optimization is enabled, will the MU-SPN have an IP address assigned from the service infrastructure IP?
If so, is there a way to chec

...

Multiple IdPs for GP Authentication

Hi Team,

Today, I received a new use case from my customer.

In their Prisma Access cloud-managed environment, we have configured SAML authentication for SSL VPN connectivity.

Now, the customer has a new requirement: one of their clients needs access

...

Resolved! Prisma Access Global Protect: Slow YouTube And Video Traffic

Hello Livecommunity!

I'm facing a speed issue related to video traffic like (YouTube), where videos and ads remain loading for a long time when mobile users are connected to the Global Protect Agent deployed from Prisma Access.

We're running the Global

...

Prisma Access - CIE multi profile - breaks SSO

Hello all .

Seem to be casting into an empty pool here but will try anyway.

My issue is with Multi Auth profiles using Global Protect & Prisma Access.

If you use more than one IDP you can only match against one profile , hence you can't use mu

...

Configuration of Remote network in prisma cloud with my home-office network

I have home-office with Fortigate (which is support ipsec)
I would like to set it up with remote network connection

Any document or any suggestions ?

How to troubleshoot the Prisma Access Browser Extension on Mac.

How to troubleshoot the Prisma Access Browser Extension on Mac. please help me if Any one have any idea. I m trying to install PAB extension in chrome in MAC but it not reflect on chrome extension.

Prisma explicit proxy for on-premises servers?

Hi Palo experts!

Do you know if Prisma explicit proxy can be used for on-Orem servers’ internet sccess?

I have few small sites with two segments: remote networks (for users) and server subnet (which is reachable via service connection from Prisma M

...

IPSEC Tunnel Secondary is always down

We configured service connection with 2 tunnels in strata cloud manager, primary and secondary. The primary tunnel is up but the secondary tunnel is still down. For config proposals, phase1 and 2 are appropriate and match.

Is the behavior when the pr

...

Resolved! Prisma Access Browser_How to enforce the use of PAB and block connections from other browsers?

Hello all,

Is it possible to enforce the use of PAB and block connections from other browsers?

The inability to restrict access to only PAB allows other browsers to connect, introducing a potential security vulnerability.

Discussions

Welcome to the Prisma Access Discussions!

Rules and Best Practices

Resolved! Regarding the selection of the MU-SPN connection destination

Resolved! Please tell me about the DNS server address that is dynamically set when connecting to Global Protect.

GP agent as user to ip mapping method for Prisma remote network

Time Zone Issues with Prisma Global Protect

Service Connection Redundancy

BGP

Resolved! About MU-SPN behavior when IP Optimization function is enabled

Multiple IdPs for GP Authentication

Resolved! Prisma Access Global Protect: Slow YouTube And Video Traffic

Prisma Access - CIE multi profile - breaks SSO

Configuration of Remote network in prisma cloud with my home-office network

How to troubleshoot the Prisma Access Browser Extension on Mac.

Prisma explicit proxy for on-premises servers?

IPSEC Tunnel Secondary is always down

Resolved! Prisma Access Browser_How to enforce the use of PAB and block connections from other browsers?

ZTNA Connector prisma access

I'd like to know about certificates for GlobalProtect user authentication.

Please tell me about Client to Firewall and Firewall to Client in the Strata Cloud Manager Firewall/Decryption log.

Could you please tell me about the Embedded Browser Framework Upgrade, an enhancement of GlobalProtect version 6.3?

Regarding the selection of the MU-SPN connection destination

Re: Portal Auth v Gateway Auth

Re: Please tell me about the maximum number of sites that each Remote Network SPN can accommodate.

Re: Service Connection and Cisco ASA - problem with establish VPN and BGP

Re: Could you please tell me about the Embedded Browser Framework Upgrade, an enhancement of GlobalProtect version 6.3?

Unlock your full community experience!

Rules and Best Practices

Resolved! Regarding the selection of the MU-SPN connection destination

Resolved! Please tell me about the DNS server address that is dynamically set when connecting to Global Protect.

Resolved! About MU-SPN behavior when IP Optimization function is enabled

Resolved! Prisma Access Global Protect: Slow YouTube And Video Traffic

Resolved! Prisma Access Browser_How to enforce the use of PAB and block connections from other browsers?