This section applies if you have a legacy Prisma Access deployment that allocates bandwidth by location. Any new deployments allocate bandwidth by compute location; to learn about how Prisma Access allocates those IP addresses, see Remote Networks: IPSec Termination Nodes and Service IP Addresses.

IP addresses for remote network connections are unique, not shared, and dedicated to your Prisma Access deployment. These IP addresses do not change after Prisma Access creates them as part of remote network onboarding, and the IP addresses persist after an upgrade. However, take care when increasing the bandwidth of an existing connection, because the IP address of a remote network can change if that increase causes the bandwidth in a location to exceed 500 Mbps.

These bandwidth guidelines apply only when you upgrade an existing connection. A single remote network connection, even a 1000 Mbps (Preview) connection, always receives a single Service IP Address, regardless of its size.

The following example shows three remote network connections in the same location, each with a bandwidth of 150 Mbps. Since the total bandwidth is 500 Mbps, Prisma Access assigns a single IP address for all connections in the location.

The following example shows the bandwidth of remote network connection A being increased from 150 Mbps to 300 Mbps. Since the total bandwidth of all connections is now more than 500 Mbps, Prisma Access assigns a new service IP address for the connection with the additional bandwidth. The other service IP addresses remain unchanged.

Conversely, given four remote networks with a bandwidth of 100 Mbps, if you increase the bandwidth of one of the remote networks to 100 Mbps, the Service IP Address of that remote network does not change because the total bandwidth is now 500 Mbps.

To find the service IP addresses in Panorama, select PanoramaCloud ServicesStatusNetwork Details tab and click the Remote Networks radio button to display the Service IP Address for the remote networks, or use the API script.