Minimum Required GlobalProtect Client Version: 6.0 or a
later version
If you are using an explicit proxy, ensure to set it up for mobile users. After adding
your Azure Active Directory in the Cloud Identity Engine, authorize users in Prisma
Access.
In Prisma Access, verify if it is connected to Cloud Identity Engine, and that
Cloud Identity Engine is sharing directory information with Prisma Access.
Select
Manage
Configuration
Identity Services
Cloud Identity Engine
.
Confirm the directory details you added in the Cloud Identity Engine
app for the integration.
Mark the incoming traffic based on the source.
Select
Manage
Configuration
Security Services
Security Policy
.
(
For GlobalProtect mobile users and remote networks only
)
Add Rule
or edit an existing security policy
rule for
GlobalProtect
mobile users or
Remote Networks
.
(
For explicit proxy mobile users only
)
Add
Rule
or edit an existing security policy rule for
Explicit Proxy
mobile users.
Add users or user groups from the Azure active directory to your
security policy rule and save the policy.
View the users and user groups you added under the
Source
column.
Push
the configurations.
Verify the user or user group mapping.
For GlobalProtect mobile users only
In Prisma Access, select
Insights
Mobile Users - GlobalProtect
.
View details about mobile users
and devices connected for a time range you select.
For explicit proxy mobile users only
Copy the PAC file URL to the endpoint.
Go to
Manage
Service Setup
Explicit Proxy
Infrastructure Settings
to view the PAC file URL.
Access a URL that requires authorization.
Enter the credentials.
In Prisma Access, view the user mapping information by running the
show user ip-user-mapping all
command.
(
Optional
) In Prisma Access, select
Insights
Mobile Users - Explicit Proxy
.
View details about mobile users
connected for a time range you select.