Focus

Prisma Access

Cloud Management

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Administration
Version
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred

Cloud Management

Enable Prisma Access to resolve both internal and public domains. You can choose to use Prisma Access DNS or let Prisma Access leverage your organization’s DNS setup.

Here’s how to set up Prisma Access to resolve internal domains, and how to customize DNS settings (to resolve both internal and public domains) for mobile user deployments and remote network sites.

Set up internal domain lists that apply to all traffic.

Select

Manage

Service Setup

Shared

and

Add Internal Domain List

If you're using Strata Cloud Manager, go to

Workflows

Prisma Access Setup

Prisma Access

and

Add Internal DNS Servers

Enter the primary DNS server and secondary DNS server that Prisma Access should use to resolve the internal domain names.

Add the internal domain names to send to these DNS servers for resolution.

You can use a wildcard (*) in front of the domains in the domain list, for example *.acme.local or *.acme.com.

Add internal domain lists that apply only to specific mobile user deployments or remote network sites.

Configure DNS settings:

Mobile Users
—Go to

Manage

Service Setup

Mobile Users

Mobile Users Setup

Infrastructure Settings

and find

Client DNS

If you're using Strata Cloud Manager, go to

Workflows

Prisma Access Setup

GlobalProtect

Infrastructure Settings

find

Client DNS

Remote Networks
—Go to

Manage

Service Setup

Remote Networks

Remote Networks Setup

Advanced Settings

and find

DNS Proxy

If you're using Strata Cloud Manager, go to

Workflows

Prisma Access Setup

Remote Networks

Advanced Settings

find

DNS Proxy

Use the Worldwide default (the Prisma Access default DNS server) or customize settings based on region. In either case, select the region to adjust and customize the DNS settings for that region.

Check the option to

use these DNS settings to resolve internal domains

and optionally

Use the internal DNS Server for resolving public domains too

. If you don’t select this option, Prisma Access uses its cloud default DNS server to resolve requests for public domains.

Allow traffic from all addresses in your mobile user IP address pool to-your DNS servers.

The DNS proxy in Prisma Access sends the requests to the DNS servers you specify. The source address in the DNS request is the first IP address in the IP pool you assign to the region. To ensure that your DNS requests can reach the servers you will need to make sure that you allow traffic from all addresses in your mobile user IP address pool to your DNS servers.

Prisma Access Docs

Cloud Management

Prisma Access Docs

Cloud Management

Recommended For You

Activation & Onboarding

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner