Learn about the connection methods and network protocols that Prisma Access Agent
utilizes to establish and maintain secure remote access.
Prisma Access Agent utilizes various connection methods and network protocols to
establish and maintain secure remote access for endpoints.
Where Can I Use This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access (Managed by Panorama)
NGFW (Managed by Panorama)
Check the prerequisites for the deployment you're
using
Contact your Palo Alto Networks account representative to
activate the Prisma Access Agent feature
Fallback from IPSec to SSL for Prisma Access Agent
Prisma Access Agent supports fallback from IPSec to SSL, similar to
GlobalProtect™. This feature maintains user connectivity when IPSec connections
fail. The agent first attempts an IPSec connection. If blocked or unsuccessful, it
switches to SSL using TCP port 443. This process is automatic and is transparent to
your users, minimizing disruptions to their workflow. Prisma Access Agent logs
fallback events so you can monitor fallback occurrences and optimize network
settings accordingly. This fallback mechanism improves remote access reliability
across various network conditions.
IPv4 Support for Prisma Access Agent
Prisma Access Agent supports IPv4, making it compatible with most network
infrastructures. It creates secure connections over IPv4 networks, letting users
access company resources remotely. The agent handles IPv4 address assignment,
traffic routing, and DNS resolution. You can configure IPv4 settings in the tenant,
including IP address pools, split-tunnel options, and DNS servers. This enables the
agent to work effectively with existing IPv4 corporate networks and applications,
providing consistent access for remote users.
