>
    Native IPv6 Support Overview
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access
    3. Prisma Access Advanced Deployments
    4. IPv6 Support
    5. Native IPv6 Support Overview
    Download PDF
    Prisma Access

    Native IPv6 Support Overview

    Table of Contents

    Native IPv6 Support Overview

    Prisma Access is expanding support for IPv6 beyond access to private applications to support IPv6 for GlobalProtect as well as Remote Networks natively.
    Where Can I Use This?What Do I Need?
    • Prisma Access (Managed by Strata Cloud Manager)
    • Prisma Access (Managed by Panorama)
    • Prisma Access license version 2.2 Preferred and later
    • Native IPv6 access to public and private apps requires the following minimum releases:
      • Prisma Access (Managed by Strata Cloud Manager): June 2024 release
      • Prisma Access (Managed by Panorama): Prisma Access 5.1.1 for new deployments only.
      Any other deployments (including existing Prisma Access (Managed by Panorama) deployments) support private app access only.
    Prisma Access expands support for IPv6 beyond access to private applications to support IPv6 for GlobalProtect as well as Remote Networks natively.
    One benefit of native IPv6 support is the ability for Mobile Users at IPv6 only and dual-stack endpoints to connect to Prisma Access over IPv6 connections using GlobalProtect. Another benefit is the ability for GlobalProtect and Remote Networks to access the internet and public SaaS applications over the internet where those internet destinations require IPv6 connections.
    IPv6 offers a significantly larger address space over IPv4, allowing for an almost unlimited number of unique IP addresses. At the same time, dual stack is a transitional approach that allows networks and devices to operate using both IPv4 and IPv6 simultaneously. Native IPv6 support makes Prisma Access compatible with both IPv6 and dual-stack connections to ease the migration process from IPv4 to IPv6, ensure backward compatibility, and empower your journey to the cloud and IPv6-enabled networks.

    Private App Support

    Some Prisma Access deployments support IPv6 connections to internal "private" apps. Prisma Access connects to data centers (Service Connections) and branch offices (Remote Networks) using underlay, in which IPv6 traffic is passed through an IPv4 tunnel.

    Native IPv6 in Prisma Access

    Prisma Access
    • Dual Stack IPv4/IPv6 Inbound connections to Prisma Access
    • Dual Stack IPv4/IPv6 Outbound connections to the internet and SaaS Apps via the internet
    Now, users can connect to the internet and "public" SaaS apps via the internet using IPv6.
    External users (Mobile Users) need to be on one of the following supported GlobalProtect versions for native IPv6 to work:
    • 5.2.13-c418 (Win/Mac)
    • 6.0.7-c378 (Win/Mac)
    • 6.0.7-c20 (Linux)
    • 6.1.2 (Win/Mac/Linux)
    • 6.2.0-c89 (Win/Mac)
    The following table shows the connectivity supported with IPv4 and IPv6 Prisma Access deployments. A check mark indicates this connectivity is supported, and a dash indicates it's not.
    Follow these workflows to Enable IPv6 in your configuration.

    © 2024 Palo Alto Networks, Inc. All rights reserved.