Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who rated this post

L6 Presenter

It is possible to see the source public ip addresses that your traffic will use on the Internet that will be given to you and retrive it API script then you can use it:



The prisma access IP addresses can change after time, so see the workaround  at:



Also you have the option "Enable Source NAT for Mobile Users—GlobalProtect IP pool addresses, IP addresses in the Infrastructure Subnet, or both." under a Service connection but maybe dissable that so the Data Center can see the real user ip addresses. Check this:



Prisma Acess for now can't insert XFF (X-Forwarded-For) header which will make life easier as then you can use the real ip addresses but it is what it is.



For inbound traffic you can dissable SNAT this way you will see the real client ip addresses.


As you will starting to work with Prisma Access better take the Palo Alto training as to have the needed knowedge or atleast to see the youtube training EDU-118 that is old but still you will have some basic idea:



That is it from me 🙂


View solution in original post

Who rated this post