Manage Allow Listing for Existing Mobile User Deployments
Table of Contents
Manage Allow Listing for Existing Mobile User Deployments
Migrate an existing Mobile User deployment to one where
Prisma Access requires that you add the public IP address to an
allow list before provisioning it.
If you have an existing Prisma
Access deployment with a version earlier than 3.0 and are upgrading
to a version of Prisma Access that supports the allow listing functionality,
Prisma Access allows you to use the egress IP addresses you have
already been provisioned with no further configuration.
If
you do not need to use the allow listing functionality in your Prisma
Access deployment, take no action. The mobile user onboarding and
procedure is unchanged and Prisma Access allocates egress IP addresses
as before. The only difference is the addition of an
Egress
IP Allow List
table in the area;
however, this table will be empty because you are not using the
allow listing functionality. If you want to enable the allow
listing functionality for an existing Prisma Access deployment, complete
the following steps.
- Select .
- Select yourHostnameandConfigureit (for an existing deployment), orConfigureyour deployment for the first time (for a new deployment).
- SpecifyUsing IP Allow List in SaaS AppsasYes.
- Commit and Pushyour changes to enable the allow listing functionality.Make a note of the following changes to that occur after you enable allow listing and commit and push your changes:
- Prisma Access confirms any egress IP addresses you are already using as being allow listed.
- Prisma Access will not provision any new egress IP addresses that are allocated during onboarding or autoscale events until you confirm them as allow listed. See Manage Allow Listing for New Prisma Access Deployments for the procedure you use to do so.