Use Predefined IPSec Templates to Onboard Service and Remote Network Connections
Focus
Focus

Use Predefined IPSec Templates to Onboard Service and Remote Network Connections

Table of Contents

Use Predefined IPSec Templates to Onboard Service and Remote Network Connections

Prisma Access includes predefined IPSec templates for common third-party IPSec and SD-WAN devices. These profiles expedite and simplify the onboarding of service connections and remote network connections that use one of these devices to terminate the connection.
Sharing a common template also allows you to Onboard Multiple Remote Network Connections of the Same Type with commonly-shared cryptos, pre-shared keys, and Peer identifiers.
Prisma Access provides you with the following predefined templates that you can use to set up IPSec tunnels between your on-premises device and Prisma Access:
  • IPSec Tunnels (NetworkIPSec Tunnels) under Remote_Network_Template and Service_Conn_Template.
  • IKE Gateways (NetworkNetwork ProfilesIKE Gateways) under Remote_Network_Template and Service_Conn_Template.
  • IPSec Crypto Profiles (NetworkNetwork ProfilesIPSec Crypto) under Remote_Network_Template and Service_Conn_Template.
  • IKE Crypto Profiles (NetworkNetwork ProfilesIKE Crypto) under Remote_Network_Template and Service_Conn_Template.
Currently, templates for the following vendors are available:
In addition to the following templates, we provide a Generic template that you can use with any on-premises device that is not listed here.
  • Cisco appliances:
    • Cisco Integrated Services Routers (ISRs)
    • Cisco Adaptive Security Appliances (ASAs)
  • Citrix
  • Prisma SD-WAN (formerly CloudGenix)
  • Riverbed
  • Silver Peak
Use the following workflows to onboard service connections or remote network connections using the predefined IPSec templates.