Prisma Access
DNS for Prisma Access (Strata Cloud Manager)
Table of Contents
DNS for Prisma Access (Strata Cloud Manager)
Enable Prisma Access to resolve both internal and public
domains. You can choose to use Prisma Access DNS or let Prisma Access
leverage your organization’s DNS setup.
Here’s how to set up Prisma Access to resolve
internal domains, and how to customize DNS settings (to resolve
both internal and public domains) for mobile user deployments and
remote network sites.
- Set up internal domain lists that apply to all traffic.
- Select and Add Internal DNS Servers.
![]()
Enter the primary DNS server and secondary DNS server that Prisma Access should use to resolve the internal domain names.Add the internal domain names to send to these DNS servers for resolution.You can use a wildcard (*) in front of the domains in the domain list, for example *.acme.local or *.acme.com.Add internal domain lists that apply only to specific mobile user deployments or remote network sites.- Configure DNS settings:
- Mobile Users—Go to find Client DNS.
![]()
- Remote Networks—Go to find DNS Proxy.
![]()
- Use the Worldwide default (the Prisma Access default DNS server) or customize settings based on region. In either case, select the region to adjust and customize the DNS settings for that region.
- Check the option to use these DNS settings to resolve internal domains and optionally Use the internal DNS Server for resolving public domains too. If you don’t select this option, Prisma Access uses its cloud default DNS server to resolve requests for public domains.
- Allow traffic from all addresses in your mobile user IP address pool to-your DNS servers.The DNS proxy in Prisma Access sends the requests to the DNS servers you specify. The source address in the DNS request is the first IP address in the IP pool you assign to the region. To ensure that your DNS requests can reach the servers you will need to make sure that you allow traffic from all addresses in your mobile user IP address pool to your DNS servers.
