This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
About Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.

Discussions

Start a conversation

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2616 Views
  • 0 replies
  • 1 Likes

Resolved! Sending alerts from Panorama via email

Hello, we have configured panorama 10.0.5 to send filtered system logs to email and it works but only for logs generated on panorama. Log filter shows also logs from managed firewalls but thoose logs are not sended and i don't know why. Did anybody had succed sending system logs collected on panorama via email eg. admin login events ? regards,Tomek

Tunnel monitor Prisma Access

Hi All, I build a service connection with Prisma Access (Panorama Managed) and on-prem PA firewall.As I would like to setup a tunnel monitor, but it is required a IP address for tunnel interface and destination. What IP should I input for destination? "Tunnel Monitor IP Address" show in "Service Infrastructure"?And what IP should I assign for op...

JoeKwok by L2 Linker
  • 13161 Views
  • 5 replies
  • 0 Likes

Log out SASE without any alert

My company has just introduced prisma access (SASE) in this year.According to increasing telecommuing and business trip, the concept of SASE is greate and fit to our requirement that everyone can use and external netwrok like an internal network always. By the way, there is a very weird contraint on global protect agent which should ensure netwo...

Very strange limitation of log-in lifetime seletable oprions.

My company has just introduced prisma access (SASE) in this year.According to increasing telecommuing and business trip, the concept of SASE is greate and fit to our requirement that everyone can use and external netwrok like an internal network always. By the way, there is a very weird contraint on global protect agent which should ensure netwo...

Some Palo Alto firewalls in our network can't register to Cortex Data Lake.

Hello!We have about 10 offices, each of them has a firewall, all of them are under Panorama control. Some of these firewalls cannot register in the Cortex Data Lake, if I try to add them manually there, I see the Certificate Status "Needs certificate".Licenses aren't expired. I tried steps from that doc:https://live.paloaltonetworks.com/t5/prism...

Use HIP to deny logon to PA with exception

Has anyone effectively used HIP to deny login to Prisma Access? One of the biggest challenges we had with AnyConnect (and a large reason we are moving away) is that there were no native methods for controlling which device a user was connecting with. I have built a Security Pre-Rule that references the Domain-joined HIP Policy, and I can see the...

Thrace by L0 Member
  • 4035 Views
  • 2 replies
  • 0 Likes

Cloudgenix Prisma SD-WAN network logs

cloudgenix Prisma SDWAN: Who does know the command line on cloudgenix to retrieve actual network log changes ? I am not looking for bgp automated syslog update but an actual network change like adding static route or shutting down an interface

Resolved! Difference between Backup SC and Secondary WAN in Prisma Access?

There are two option can be set on Service Connection One is Secondary WAN and other one is Backup SC I would like to know the difference between them. Is it like a Secondary WAN as a active-passive and Backup SC as a active-active?However, when I set a Secondary WAN, my secondary WAN firewall still receive the BGP advertise from Prisma Access, ...

JoeKwok by L2 Linker
  • 10750 Views
  • 1 replies
  • 0 Likes

Template for Prisma Access to Cisco

Greetings, Is anyone familiar with a template or best practice document for connecting IPSec between Prisma Access gateways and Cisco IOS routers? We have several links up and running, but there seems to be random stability issues that cause the tunnel to drop and reestablish. Anyone run into this?

Prisma Access rules : how to calculate when used?

Viewing through Panorama 10.0.6, while looking at my Mobile_Users_Device_Group, I see various rules showing their levels of usage. What is difference (if any?) between rules that show "unused" vs. those that show "-" in their Rule Used state? Toggling "highlight unused rules" shades both types of rules out, but would be great to understand what ...

Configuring Prisma Access Remote networks and Service Connections on the same device/site

Hi everyone, I wanted to know what would be the challenges to deploy Service Connection and Remote Networks on the same device/site and what would be the best solution or workaround as per PAN best practices As per my understanding, if we deploy Service Connection and Remote Networks then, there could be some routing challenges As a standard co...

Resolved! Is it possible for Prisma Access to split the traffic between the on-premise globalprotect gateways and the prisma cloud based on app/domain/ip_addr?

When using Prisma access and on-premise devices can you do someting like per app_process/domain/destination_ip gateway selection (some traffic to be send to the geteways other to the prisma cloud)? What I mean by this is to do like a split-tunnel for the traffic but instead the excluded appications to be send directly to Internet to the prisma c...

Resolved! Can the internal DNS server be behind SPN not a CAN?

Can the internal global or specific internal DNS servers for mobile users or remote networks be behind SPN and not a CAN as the CAN is just there for routing for mobile users without a real active ipsec tunnel? Basically I mean the internal DNS servers to be in the remote network address space that is connected to the SPN, because the SPN pro...

DNS resolution issue in prisma access for internal domains

We want to access one of the url fs.hdfc.com, which accessible publicly. But when when we connect to Global Protect via Prisma access for this url, DNS Server is resolving for internal address i.e. private ip address.While accessing from outside network, we are able to resolve it for public ip. We want from inside(when connected to GP) and outsi...

  • 385 Posts
  • 78 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks