This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.
About Prisma Access Discussions
Prisma Access secures access to the cloud for branch offices and mobile users anywhere in the world with a scalable, cloud-native architecture that will soon be managed via a new streamlined cloud management UI.

Discussions

Start a conversation

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 2637 Views
  • 0 replies
  • 1 Likes

Please tell me about the PrismaAccess license expiration time.

Attention: JAPAC TPM teamHello Team, If anyone knows the license expiration time for Prisma Access, please let me know. I checked the URL below and it says 12:00 AM (GMT) for PA-VM. I couldn't find any documentation for Prisma Access. Is this the same? https://docs.paloaltonetworks.com/vm-series/11-0/vm-series-deployment/license-the-vm-ser...

y.saitou by L3 Networker
  • 654 Views
  • 0 replies
  • 0 Likes

Please tell me about the maximum number of sites that each Remote Network SPN can accommodate.

Attention: JAPAC TPM teamHello Team, My understanding is as follows:- If a compute location is assigned a bandwidth of 501Mbps or more in the RN settings, up to 500 sites can be supported per SPN.- Bandwidth is automatically configured based on the usage of each location. For example, if a compute location is assigned 1200Mbps, two SPNs will...

y.saitou by L3 Networker
  • 1624 Views
  • 2 replies
  • 0 Likes

MasterDevice Configuration

Hello PaloAlto engineer Team, I'm trying to configure the MasterDevice. Setting the MasterDevice to CIE doesn't mean the MasterDevice settings will be applied to Prisma Access or all devices in the device group, right? I understand that the MasterDevice just lets me know which device group the username will appear in the security policy. h...

Portal Auth v Gateway Auth

Hello everyone, I have read countless Palo documents and forums but still a little unclear on the above. I'm hoping someone can clear this up for me. The environment I am referring to is Global Protect / Strata Cloud Manager. Under workflows/ prisma access setup / global protect - On that screen under the infrastructure tab we have "User Aut...

ExitCalm by L0 Member
  • 921 Views
  • 1 replies
  • 0 Likes

Microsoft Intune and Autopilot Hybrid AD Join via Prisma

We are having an interesting problem with current GlobalProtect PreLogon domain join.. We have a SCEP infra along with Prisma Global protect and pre-logon configured. We are able to complete a pre-logon and initiate a first login, which then takes us back to Autopilot screen a moment later. Problem is, when it goes back to Autopilot to complete...

Service Connection and Cisco ASA - problem with establish VPN and BGP

Hello Team! I writing this post because I can't find any configuration example which show how to configure S2S VPN between SC and Cisco ASA. I tried to do it by myself and it looks like working, but can't establish BGP peering. On ASA side, I configured route base VPN - using interface tunnel. First little wrinkle with that is ip address for int...

On-Boarding of Cisco SDWAN to Prisma

We are trying to on-board Cisco SDWAN Catalyst to Prisma. Created the necessary IKE/IPSEC configurations, etc, followed Integrate Prisma Access with Cisco Catalyst SD-WAN (Manual Integration) KB When we push to remote networks we receive a validation error [status]: commit failed [errors]: Validation error occurred in:Region: US East Validation ...

Resolved! I'd like to know about certificates for GlobalProtect user authentication.

Attention: JAPAC TPM teamHello Team, Is it possible to apply client certificates to only some user authentications using GlobalProtect depending on the OS type? My understanding is that if a certificate is specified in GlobalProtect's user authentication settings, it will also be set in other user authentication settings, so I don't think th...

y.saitou by L3 Networker
  • 4019 Views
  • 2 replies
  • 0 Likes

The user information linked in the CIE does not match the match criteria in the GP's application settings.

We would like to know the user information that corresponds to the GP sign-in account and tunnel settings and other matching conditions.We are currently verifying SAML login and SSO in our verification environment.In the GP application and tunnel settings, we have specified the user information obtained from the Entra ID as the matching conditio...

Resolved! Could you please tell me about the Embedded Browser Framework Upgrade, an enhancement of GlobalProtect version 6.3?

Attention: JAPAC TPM teamHello Team, I wanted to reduce the amount of user interaction with GlobalProtect's SAML authentication, so I did some research and found the following feature.https://svc-desc.paloaltonetworks.com/mobile-users/gp/gp-agent/#embedded-browser-framework-upgrade◇Embedded Browser Framework UpgradeAs part of pre-implementatio...

y.saitou by L3 Networker
  • 3838 Views
  • 2 replies
  • 0 Likes

Resolved! Please tell me about Client to Firewall and Firewall to Client in the Strata Cloud Manager Firewall/Decryption log.

Attention: JAPAC TPM teamHello Team, Please tell me about Client to Firewall and Firewall to Client in the StrataCloudManager Firewall/Decryption log. My understanding of Client to Firewall and Firewall to Client is as follows.-Client to Firewall: TLS handshake information sent by the client (Client Hello, etc.)-Firewall to Client: TLS informa...

y.saitou by L3 Networker
  • 1857 Views
  • 1 replies
  • 0 Likes

Could you please explain the security policy's "Internet Access Rule"?

Attention: JAPAC TPM teamHello Team, Could you please explain the security policy's "Internet Access Rule"? I have a question about the "File Control Profile" item under "Security Inspection" at the bottom of the settings screen. ▼Predefined- All file types- Best practices- Block file types What does each of these do? Also, there is a "Custo...

y.saitou by L3 Networker
  • 1586 Views
  • 2 replies
  • 0 Likes

Resolved! Regarding the selection of the MU-SPN connection destination

Attention: JAPAC TPM teamHello Team, When IP Optimization is disabled and there are multiple MU-SPNs in a single compute location,how is the MU-SPN to be connected to selected? I understand that it connects to the one that is physically close and has the fastest response,but is load balancing performed? If load balancing is performed, what m...

y.saitou by L3 Networker
  • 1792 Views
  • 2 replies
  • 0 Likes
  • 387 Posts
  • 79 Subscriptions
Top Liked Authors
View All
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks