This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew
Prisma SD-WAN Discussions
Discuss Prisma SD-WAN, Palo Alto Networks cloud-delivered service that implements app-defined, autonomous SD-WAN to help you secure and connect your branch offices, data centers and large campus sites without increasing cost and complexity.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Prisma SD-WAN Discussions
Discuss Prisma SD-WAN, Palo Alto Networks cloud-delivered service that implements app-defined, autonomous SD-WAN to help you secure and connect your branch offices, data centers and large campus sites without increasing cost and complexity.
About Prisma SD-WAN Discussions
Discuss Prisma SD-WAN, Palo Alto Networks cloud-delivered service that implements app-defined, autonomous SD-WAN to help you secure and connect your branch offices, data centers and large campus sites without increasing cost and complexity.

Discussions

Start a conversation

Welcome to the Prisma SD-WAN Discussions!

To make this forum valuable and enjoyable for everyone, please review the following guidelines before participating: Rules and Best Practices Be Respectful: Treat fellow community members with professionalism and courtesy. Constructive discussions are encouraged; disrespectful or inflammatory comments are not. Stay On-Topic: This board is d...

JayGolf by Community Team Member
  • 4050 Views
  • 0 replies
  • 0 Likes

Prisma SD WAN and Zscaler

With the Zscaler client already installed on computers, what are the available options not to send the traffic from an endpoint to the Zscaler VPN tunnel (IPSec or GRE) when an endpoint is in the office? What ends up happening is the endpoint is tunneling to Zscaler via an installed app, and the same traffic is again being tunneled and sent to ...

SDWAN recommendations

I have to configure SDWAN in a scenario with one hub and several branches. All branches has the same network config only changing Public IP. This branches only has one transport (FTTH). So mi questions are: Do you recommend to create a common template with all SDWAN related used in all branches? or use a template SDWAN for each FW with all con...

BigPalo by L4 Transporter
  • 3676 Views
  • 0 replies
  • 0 Likes

Need to know different metrics part of network_point_metrics_bw API

Hi , currently working with the SD-WAN monitor API endpoint (/sdwan/monitor/v2.0/api/monitor/network_point_metrics_bw) to pull bandwidth data for sites. So far, successfully retrieved ingress and egress data using the "BandwidthUsage" metric in the request payload. To expand our implementation, I would like to clarify a few points: Could you...

Not Receiving Bandwidth Capacity from SD-WAN Monitoring API

Hi team, We're currently using the following API to retrieve bandwidth metrics:https://api.sase.paloaltonetworks.com/sdwan/monitor/v2.0/api/monitor/network_point_metrics_bw We're successfully receiving the bandwidth usage data; however, the response does not include the bandwidth capacity as expected.Could you please clarify whether the API supp...

Cortex XSIAM and Prisma SD-WAN integration?

Hi, I am trying to understand the two products in the subject and how much integration there between them. I was not able to find a clear documentation or whitepaper where it says that Cortex XSIAM can ingest logs from Prima SD-WAN and how. Is there some kind of pairing between XSIAM cloud and Prima SD-WAN cloud? Thank you.

sipri77 by L0 Member
  • 2387 Views
  • 0 replies
  • 0 Likes

6.5.1 performance

I am reaching out to see if anyone is running 6.5.1 and how performance has been. We are running 6.4.1-b7 and are running into an issue where the ION's will initiate an HA event. At one site, it was user impacting and at the second site, we did not receive any tickets that it was user impacting. I opened a case, and after waiting we were told...

Resolved! ION Device AAA - Tacacs+ Attributes

HI, Is there a doco somewhere that describes the tacacs+ attributes required for ION devices. I have the auth working from our ISE implementation but only ever get read-only access to the devices due to missing role attributes but not sure on what specific and the logs dont mention. Cheers, Garrick

DunkleyG by L0 Member
  • 4859 Views
  • 1 replies
  • 0 Likes

BGP Routing between vION and Connect Peer TGW in AWS

We have 2 vIONs deployed in AWS which are the Data Center devices and they are not in HA (Standalone). It has a BGP connections to the connect peer TGW (in AWS). How are the subnets of Branch Office advertised from vION to Connect Peer TGW. I can see the route map and prefix list are autogenerated and cannot be manually edited. Additionally I al...

Weak Path Affinity

We're looking at some interesting issues around app shift between our Prisma Access tunnel and local/DC breakout. Session starts as SSL, gets pushed over the PA tunnel, gets reidentified as an app that is set to breakout locally and the ION duly changes path and breaks the session. Most apps/devices tolerate this fine, but some refuse to reattem...

SASE API - SD-WAN

So I am playing with the API currently however, I am having an issue trying to find a call where i can specify a SiteID and retrieve all the current overlays on that site. The goal of course is to be able to add/remove overlays(auto VPN) to the sites/ions through API but getting a little bit of a rough start. Any help much appreciated.

Feature Request: Policy Rollback

I couldn't find anywhere if they have a feature request section. I would like a feature that allows you rollback a policy if it goes wrong. The current option is to clone a policy and apply the changes to the cloned policy. While this is functional, it can become challenging if you have a naming convention in place for your path sets. I'd b...

DHCP Scope Mapping to Subinterfaces in Prisma SD-WAN (ION Device)

Hi Community, I’ve configured two DHCP scopes with different IP subnets under the Branch Site configuration in Prisma SD-WAN. On the corresponding ION device, I’ve also created two subinterfaces, each intended for a different VLAN and subnet. I would like to understand:How does the ION device ensure that the correct DHCP scope is applied to th...

Resolved! Traceroute traversing ION are never visible

When running a traceroute that traverses a Prisma SD-Wan ION; any hop beyond the ION we receive a "request timed out". Is this expected behavior that we cannot fix? We have a number of tools that rely on traceroute for path visualization, and this has been an issue that we have found with the IONs.

Chason by L0 Member
  • 5852 Views
  • 4 replies
  • 0 Likes
  • 124 Posts
  • 48 Subscriptions
LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks