Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

How to check the configurations defined within the default templates or profiles ?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

How to check the configurations defined within the default templates or profiles ?

L1 Bithead

I dont have access to our Prisma Access yet. Hence, as the title suggests, I am looking for configurations defined within the default templates or profiles ?

 

  1. Service_Conn_Template
  2. default parent group
  3. default authentication profile
  4. default IPSec Crypto Profile

Can someone please direct me to the right documentation ?

4 REPLIES 4

L4 Transporter

@devd_25 

 

The default templates have no config on authentication but include  IPsec config  in service connection and remote network template

 

Following is the order of templates

  • Service_Conn_Template_Stack
    • Service_Conn_Template
  • Remote_Network_Template_Stack
    • Remote_Network_Template
  • Mobile_User_Template_Stack
    • Mobile_User_Template

 

Device groups

  • Parent device group - Needs to be configured by admin during onboarding. of each service. 
  • Device groups for config
    • Service_Conn_Device_Group
    • Remote_Network_Device_Group
    • Mobile_User_Device_Group

How to check the config

1. You can view the config from GUI using Panorama as similar to regular templates and device groups and look into Cloud plugin config

2. You can set cli config output format to set and match to the template of device group of interest

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHoCAK

 

Prisma Access Admin guide: https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin.html

 

 


~ Sai Srivastava Tumuluri ~

L4 Transporter

@devd_25 

 

Parent Device Group - This needs to be manually set by admin during the onboarding of the services. 

https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/license-prisma-a...

 

default authentication profile -  there is none. However, there are pre-defined IPsec configs. There are no default configs under the pre-defined template and device groups

https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prisma-access-fo...

 

how to check config - you can navigate via regular template and device groups via GUI. Or you can set the CLI output to set and check the config from CLI by matching to pre-defined templates and device-groups

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHoCAK

 

Predefined templates and device groups

 

  1. Service_Conn_Device_Group
  2. Remote_Network_Device_Group
  3. Mobile_User_Device_Group

 

  • Service_Conn_Template_Stack
    • Service_Conn_Template
  • Remote_Network_Template_Stack
    • Remote_Network_Template
  • Mobile_User_Template_Stack
    • Mobile_User_Template

 

 


~ Sai Srivastava Tumuluri ~

L4 Transporter

Parent Device Group - This needs to be manually set by admin during the onboarding of the services. 

https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/license-prisma-a...

 

default authentication profile -  there is none. However, there are pre-defined IPsec configs. There are no default configs under the pre-defined template and device groups

https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-panorama-admin/prisma-access-fo...

 

how to check config - you can navigate via regular template and device groups via GUI. Or you can set the CLI output to set and check the config from CLI by matching to pre-defined templates and device-groups

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClHoCAK

 

Predefined templates and device groups

 

  • Service_Conn_Device_Group
  • Remote_Network_Device_Group
  • Mobile_User_Device_Group

 

  • Service_Conn_Template_Stack
    • Service_Conn_Template
  • Remote_Network_Template_Stack
    • Remote_Network_Template
  • Mobile_User_Template_Stack
    • Mobile_User_Template

~ Sai Srivastava Tumuluri ~

@devd_25 Please mark it solved if you are satisfied with the solution. This closes the discussion and helps others to fastly identify the solutions

 

~ Sai Srivastava Tumuluri ~


~ Sai Srivastava Tumuluri ~
  • 7650 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!