Prisma Access
Default Routes with Traffic Steering Example
Table of Contents
Default Routes with Traffic Steering Example
Examples of how default routes work with
Prisma Access
traffic steering.Where Can I Use
This? | What Do I Need? |
|---|---|
|
|
The following example shows a sample
Prisma Access
deployment
the following components: - TwoPrisma Accessmobile user locations; one in the United States (US) and one in Europe (EU).
- TwoPrisma Accessservice connections; one in the US and one in the EU, with both data centers sending default routes to the service connections (Accept Default Route over Service Connectionsis enabled).
- Two data centers; one in the US and one in the EU.Each data center has a 3rd-party security stack; for this reason, you want all internet-bound traffic to go through the data center before egressing to the internet.
When a mobile user sends data center traffic,
Prisma Access
checks
its routing tables, determines the closest service connection, and
forwards the traffic to that service connection. In the following
example, Prisma Access
sends data center traffic from the mobile
users in the US to Service Connection and traffic from the mobile
users in the EU to Service Connection 2.Do not use service connections that are
Dedicated
for Traffic Steering Only
with default routes; dedicated
service connections do not participate in BGP routing, so they cannot
receive BGP advertisements from the HQ or data center. 
To enable default routes, select
Accept Default Route
over Service Connections
when you configure traffic
steering settings. After you configure this setting and commit and
push your changes, Prisma Access
sends internet-bound traffic over
the service connections.