Prisma Access
Onboard a ZTNA Connector in Microsoft Azure
Table of Contents
Onboard a ZTNA Connector in Microsoft Azure
ZTNA Connector deployment in Microsoft Azure.
- Review the requirements and guidelines and the FQDNs and ports you need to configure to use ZTNA Connector in Microsoft Azure.
- On the Prisma SASE Platform, retrieve and copy the Connector key and secret values: , find the Connector object you created inPrisma Accessto associate with this VM, and selectCopy Token; then, copy theKeyandSecretvalues.If you're using Strata Cloud Manager, go to .
- Fordeployment, you must retrieve and copy the Connector Group key and secret values: , find the Connector Group object you created inPrisma AccessZTNA Connector 1-Arm Auto-ScalingPrisma Accessto associate with this VM, and selectCopy Token; then, copy theKeyandSecret.If you're using Strata Cloud Manager, go to .
After you’ve met all the prerequisites, follow these steps to onboard a ZTNA
Connector in Microsoft Azure.
- Log in to Azure Marketplace, and search for.Prisma AccessZTNA Connector
- ClickGet it Now.
- Continuethe creation process.
- Choose the software plan andCreatethis application in Azure:
Deploy ZTNA Connector 1-Arm in Microsoft Azure
Follow these steps to deploy the 1-Arm ZTNA Connector in Microsoft Azure:
- Configure the following on theBasicstab:
- Select your AzureSubscriptionto manage deployed resources.
- Select an existingResource GrouporCreate new.
- Select an AzureRegionrelevant to your location.
- ClickNext: Prisma ZTNA Connector Configuration.
- Configure a virtual network on thePrisma ZTNA Connector Configurationtab:
- Create a new virtual network or select an existingVirtual network.
- Select theData Center LAN Subnet, where you've provisioned applications to onboard to this Connector.
- Enter thePrisma ZTNA Connector VM Name.
- Enter thePrisma ZTNA Connector License KeyandPrisma ZTNA Connector License Secretvalues you retrieved from the Prisma SASE Portal.
- Review + createto review your managed Prisma ZTNA Connector configuration.
- Confirm the details you've provided and clickCreateto start the virtual machine deployment.
- After deployment is complete, selectGo to resource.
Deploy ZTNA Connector 1-Arm with Autoscale in Microsoft Azure
- Configure the following on theBasicstab:
- Select your AzureSubscriptionto manage deployed resources.
- Select an existingResource GrouporCreate new.
- Select an AzureRegionrelevant to your location.
- ClickNext: Prisma ZTNA Connector Configuration.
- Configure a virtual network on theNext: Prisma ZTNA Connector Configurationtab:
- Create a newVirtual networkor select an existingVirtual network.
- Select theData Center LAN Subnet, where you've provisioned applications to onboard to this Connector.
- Enter thePrisma ZTNA Connector Auto Scale Set Name, specifying the name of the scaleset created in Azure.
- Enter thePrisma ZTNA Connector Autoscale Set Max Instance Count. The maximum number of ZTNA Connectors allowed in the Connector Group is 4.
- Enter thePrisma ZTNA Connector Incoming Mbps Metric for ScaleOut. Enter a value between 100 to 1000.
- Enter thePrisma ZTNA Connector Incoming Mbps Metric for ScaleIn. Enter a value between 1 to 500.
- Enter thePrisma ZTNA Connector License KeyandPrisma ZTNA Connector License Secretvalues you retrieved from the Prisma SASE Portal for the Connector Group where you want to onboard the Connector.
- Review + createto review your managed Prisma ZTNA Connector configuration.
- Confirm the details you've provided and clickCreateto start the virtual machine deployment.
- After deployment is complete, selectGo to resource group.
Deploy ZTNA Connector 2-Arm in Microsoft Azure
Follow these steps to deploy the 2-Arm ZTNA Connector in Microsoft Azure:
- Configure the following on theBasicstab:
- Select your AzureSubscriptionto manage deployed resources.
- Select an existingResource GrouporCreate new.
- Select an AzureRegionrelevant to your location.
- ClickNext: Prisma ZTNA Connector Configuration.
- Configure a virtual network on theNext: Prisma ZTNA Connector Configurationtab:
- Create a newVirtual networkor use an existingVirtual network.
- Select theInternet/Public Subnetfor WAN connectivity to IPSec. You need to have the subnet associated with a NAT gateway for internet connectivity.
- Select theData Center LAN Subnet, where you've provisioned the applications to onboard to this Connector.
- Enter thePrisma ZTNA Connector VM Name.
- Enter theLAN Interface Private IP address.
- Enter the IP address of theLAN Interface Default Gateway.
- Enter the IP address of theLAN Interface DNS Server.
- Enter thePrisma ZTNA Connector License KeyandPrisma ZTNA Connector License Secretvalues you retrieved from the Prisma SASE Portal.
- Review + createto review your managed Prisma ZTNA Connector configuration.
- Confirm the details you've provided and clickCreateto start the virtual machine deployment.
- After deployment is complete, selectGo to resource.