Retrieve Mobile User IP Addresses
Focus
Focus
Prisma Access

Retrieve Mobile User IP Addresses

Table of Contents

Retrieve Mobile User IP Addresses

Use these legacy scripts to retrieve public and egress IP addresses for mobile user deployments.
Where Can I Use This?
What Do I Need?
  • Prisma Access (Panorama Managed)
This legacy script has been superseded by a new API script as of
Prisma Access
1.5. Palo Alto Networks recommends that you use the newer script to retrieve all IP addresses with the exception of loopback addresses.
If you are adding public IP addresses to allow lists to give mobile users access to SaaS or public applications,
Prisma Access
provides two IP addresses for each gateway and portal IP address so that one IP address can be used during a scaling or other event. You can add this set of IP addresses to an allow list before they are used, preventing any issues with mobile users being able to access SaaS or public applications during a scaling event.
Retrieve these new addresses by completing the following task:
  1. Get the API key by selecting
    Panorama
    Cloud Services
    Configuration
    Service Setup
    ; then, selecting
    Generate API Key
    .
    You need this key to authenticate to
    Prisma Access
    and retrieve the list of IP addresses using the curl command listed below. Only a Panorama administrator or Superuser can generate or access this API key.
  2. Enter the following command to retrieve the mobile user public IP addresses:
    curl -H header-api-key:
    Current-API-Key
    "https://api.prod.datapath.prismaaccess.com/getAddrList/latest?get_egress_ip_all=yes"
    Where
    Current-API-Key
    is the
    Prisma Access
    API key.
    For example, given an API key of
    12345abcde
    , use the following API command to retrieve the public IP address for all locations:
    curl -H header-api-key:12345abcde "https://api.prod.datapath.prismaaccess.com/getAddrList/latest?get_egress_ip_all=yes"
    Every time
    Prisma Access
    uses the one set of public IP addresses, it allocates another set of IP addresses. If you think that
    Prisma Access
    has used the added set of public IP addresses (for example, if a large number of mobile users have accessed a single location), you can run this API command again to find the new set of public IP addresses. All IP addresses persist after an upgrade.

Recommended For You