Enable ZTNA Connector (Strata Cloud Manager)

1. Configure the IP address blocks that Prisma Access will use internally to route traffic to the ZTNA Connector and the private apps you onboard.

   You must define separate IP address blocks for your connectors and your applications and the blocks cannot overlap with each other, with the Prisma Access infrastructure subnet, or with you GlobalProtect IP address pool.

   • Select WorkflowsPrisma Access SetupPrisma AccessInfrastructure Settings.

   • Add ZTNA Connectors Application IP Blocks.
     You can add a single Application IP Block, or multiple blocks depending on your deployment. For example, enter 100.64.10.0/24 and 100.64.11.0/24. You can also Advertise Application IP blocks to Remote Networks to provide remote network access.
   • Add ZTNA Connectors Connector IP Blocks that Prisma Access will use internally to route traffic between mobile users, remote networks and the connector VMs in your data centers.
     You can add a single Connector IP Block, or multiple blocks depending on your deployment. For example, enter 100.65.10.0/24 and 100.65.11.0/24.

   • Click Save to save the IP address block configuration and then Commit and push the configuration.
2. Launch ZTNA Connector from Strata Cloud Manager.

   • Select WorkflowsZTNA Connector.
   • Prisma Access begins setting up the infrastructure for the ZTNA Connector. This may take a few minutes.

   • When onboarding finishes, the ZTNA Connector Overview displays.