Prisma Access
Cloud Management
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Cloud Management
Cloud Management
Learn how to enable the egress IP allowlists for existing cloud managed mobile
users.
Enable
Prisma Access
to display the egress
IP addresses for Prisma Access
traffic. Use these IP addresses in
the IP allow lists for your SaaS applications, where you’re restricting
usage to authorized users or sources.- Go to.ManageService SetupMobile UsersIf you're using Strata Cloud Manager, go toand editWorkflowsPrisma AccessSetupGlobalProtectInfrastructuresettings.Prisma AccessLocations
- Display the IP addresses forPrisma Accesslocations.
- EnableEgress IP Allowlist to display the IP addresses for onboardedPrisma Accesslocations.
- Copy and add the allocated IP addresses to the allowlists of your SaaS applications.
- Migrateto confirm the IP addresses allocated for the onboarded locations inPrisma Access.
- Retrieve the IP addresses for new onboarded location or during an auto-scaling event.
- Select theLocationname to find the new egress IP addresses allocated to the location.
- Add these IP addresses to the allowlists for your Saas applications before you confirm them inPrisma Access.
- Push your changes toPrisma Access.
Statuses of Allocated Egress IP Addresses
The status column in the Egress IP Allowlists
indicates if all the allocated IP addresses for the locations are
provisioned for your deployment. Read on to learn about each status.
- Provisioned- You have added the egress IP addresses to the allowlists of your SaaS applications, confirmed the IP addresses inPrisma Access, and pushed your changes to make them fully provisioned.
- Partially Provisioned- You have added the first set of egress IP addresses, confirmed them in thePrisma Access, and pushed your changes. However,Prisma Accesshas added another set of IP addresses as part of an auto-scale event, and those IP addresses are not confirmed inPrisma Access.
- Not Provisioned-Prisma Accesshas allocated IP addresses for the location, and you have added the egress IP addresses to the allowlists of your SaaS applications and confirmed them inPrisma Access, but you have not yet onboarded this location.
- Cannot be Provisioned- You have onboarded this location, but have not yet confirmed inPrisma Accessand pushed your changes.
The Egress IP Allowlists table also indicates the number
of IP addresses that are confirmed and yet to be confirmed in Prisma
Access. For example, 1/2 means, 1 out of 2 IP addresses allocated
for the location is confirmed in
Prisma Access
.