Prisma Access Discussions

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Welcome to the Prisma Access Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating:

Rules and Best Practices

Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussion

...

Resolved! Prisma Access Internal DNS Caveat - Reverse Lookup

I haven't seen this anywhere in other posts or documents, so I wanted to share this as it's something I ran into recently.

TL;DR: When setting up internal domains for Prisma DNS to resolve with your internal DNS servers, you have to also add the do

...

Resolved! Can I manipulate routes from Prisma to a data center using BGP MED values

Our HQ currently uses dual ISPs for internet access and has VPN tunnels to Prisma configured across both ISP circuits as primary and secondary VPN tunnels for a single service connection. At HQ both tunnels terminate at a Palo Alto 1420 NGFW HA pair

...

About Service Connection with AWS

hello

I am using AWS by connecting to service connection. (using prisma cloud)

Is there anyone who runs both primary and secondary tunnel connecting AWS?

In my case, bgp neighbor setup was not possible due to the 169.254.0.0/16 band.

It was running s

...

Resolved! Better way to block cloud storage uploading by app-id

Hello, we would like to block cloud storage uploading by app-ID. So you can go to dropbox and download files, but security wants us to block our users ability to upload files.

Our solution is go create a custom application group, like the attached

...

Global Protect/Prisma Cloud not working for travelers

Anyone else facing issues with travelers using Global Protect (with enforcement on) who have a terrible time connecting to captive portals?

This seems to be especially problematic at Marriott Hotels and Regus spaces. From what I gather, if you're

...

I am not able to view response details

-

download PA-VM-ESX-8.1.10.ova for training

where can I download PA-VM-ESX-8.1.10.ova for training purposes

Resolved! Prisma Access Mobile Users - User-id data redistribution to on-prem NGFWs

Hi All,

I have a problem with user-id data redistribution from Prisma Access to on-prem (panorama).

I have 13 globalprotect gateways globally, I see the usernames in traffic logs for all gateways.

I redistribute user-id from prisma to on-prem pan

...

Resolved! Allowing traffic from SC to MU

Hello,

our customer has a lansweeper and needs to monitor devices connected via Global Protect,

is it possible to reach (ping) these devices from the DC passing throug the Service Connection,

Francesco

Where is Prima Access ser Behavior Analytics (UBA) configured?

As mentioned in New Features in Prisma Access 3.2 | Palo Alto Networks now Prisma Access should be able to even automatically block or lock bad users with UBA that do too many violations but there is no more info about this feature anywhere ‌‌樂

I k

...

Bidirectional User-id redistribution between Prisma access and on-prem Firewalls

Hello Everyone,

My user-id redistribution topology is as follows:

Prisma access --> Azure VM 300 firewall --> On-prem PA Firewalls (about 4 HA Pairs) and vice -versa as i need bidirectional ip-username mappings.

Reason to do directional mappings

...

Discussions

Welcome to the Prisma Access Discussions!

Rules and Best Practices

Welcome to the Prisma Access Discussions!

Rules and Best Practices

Resolved! Prisma Access Internal DNS Caveat - Reverse Lookup

Resolved! Can I manipulate routes from Prisma to a data center using BGP MED values

About Service Connection with AWS

Resolved! Better way to block cloud storage uploading by app-id

Global Protect/Prisma Cloud not working for travelers

I am not able to view response details

download PA-VM-ESX-8.1.10.ova for training

Resolved! Prisma Access Mobile Users - User-id data redistribution to on-prem NGFWs

Resolved! Allowing traffic from SC to MU

Where is Prima Access ser Behavior Analytics (UBA) configured?

Bidirectional User-id redistribution between Prisma access and on-prem Firewalls

Saas Tentant Restriction

Prisma Strata Cloud Manager security rules export into csv

File blocking for attachments from corporate Exchange in Outlook APP does not work.

ZTNA Connector prisma access

I'd like to know about certificates for GlobalProtect user authentication.

Please tell me about Client to Firewall and Firewall to Client in the Strata Cloud Manager Firewall/Decryption log.

Could you please tell me about the Embedded Browser Framework Upgrade, an enhancement of GlobalProtect version 6.3?

Regarding the selection of the MU-SPN connection destination

Re: Portal Auth v Gateway Auth

Re: Please tell me about the maximum number of sites that each Remote Network SPN can accommodate.

Re: Service Connection and Cisco ASA - problem with establish VPN and BGP

Re: Could you please tell me about the Embedded Browser Framework Upgrade, an enhancement of GlobalProtect version 6.3?

Unlock your full community experience!

Rules and Best Practices

Rules and Best Practices

Resolved! Prisma Access Internal DNS Caveat - Reverse Lookup

Resolved! Can I manipulate routes from Prisma to a data center using BGP MED values

Resolved! Better way to block cloud storage uploading by app-id

Resolved! Prisma Access Mobile Users - User-id data redistribution to on-prem NGFWs

Resolved! Allowing traffic from SC to MU