Prisma Access
Cloud Management
Table of Contents
Cloud Management
Learn how to configure a ZTNA Connector in
Prisma Access
.Use the following workflow to enable ZTNA Connector in Cloud Managed Prisma
Access.
- Configure the IP address blocks thatPrisma Accesswill use internally to route traffic to the ZTNA Connector and the private apps you onboard.You must define separate IP address blocks for your connectors and your applications and the blocks cannot overlap with each other, with the Prisma Access infrastructure subnet, or with you GlobalProtect IP address pool.
- Select and Edit theInfrastructure Settings.If you're using Strata Cloud Manager, go to .
- AddZTNA Connectors Application IP Blocks.You can add a single Application IP Block, or multiple blocks depending on your deployment. For example, enter 100.64.10.0/24 and 100.64.11.0/24. You can alsoAdvertise Application IP blocks to Remote Networksto provide remote network access.Use RFC 1918 or RFC 6598 addresses. You can specify an RFC 1918 address pool during ZTNA Connector setup instead of RFC 6598; however, you cannot change the address pool type back to RFC 6598 after you specify RFC 1918.
- AddZTNA Connectors Connector IP BlocksthatPrisma Accesswill use internally to route traffic between mobile users, remote networks and the connector VMs in your data centers.You can add a single Connector IP Block, or multiple blocks depending on your deployment. For example, enter 100.65.10.0/24 and 100.65.11.0/24.
- ClickSaveto save the IP address block configuration and thenCommitand push the configuration.
- Launch ZTNA Connector from the Prisma SASE Platform.
- Log in toPrisma SASE Platform.
- Select .
If you're using Strata Cloud Manager, go to . - If you haven't done so already,Enable ZTNA Connector.
- Prisma Accessbegins setting up the infrastructure for the ZTNA Connector. This may take a few minutes.
- When onboarding finishes, the ZTNA Connector Overview displays.
