Focus

Prisma Access

Configure Real-Name Registration and Create the VPCs in Alibaba Cloud

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Administration
Version
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred

Configure Prisma Access for Mobile Users in China

Attach the CEN and Specify the Bandwidth

Configure Real-Name Registration and Create the VPCs in Alibaba Cloud

Where Can I Use This?	What Do I Need?
`Prisma Access (Panorama Managed)`	`Prisma Access` license

To onboard mobile users in mainland China, you begin the configuration of Alibaba Cloud, then create and configure two VPC instances for the two termination points of the Prisma Access service connection (a VM-series next-generation router in China and a virtual Linux router outside of China).

Before you begin configuration in Alibaba Cloud, you must complete Real-Name Registration and configure and purchase bandwidth for CEN.

Complete real-name registration in Alibaba Cloud, if you have not done so already.

Organizations with an international Alibaba Cloud account can use a copy of a valid Driver’s license or passport to complete this registration. After you obtain the required documents, select Alibaba Cloud account management to submit required information and documents.

Determine the amount of bandwidth you require between the branch office and service connection to access corporate applications and resources.

You use this information when you create the CEN for the VPCs. You can use both the required bandwidth for the CEN and the cost of the CEN in your determination.

Create the VPC in China (VPC 1) and for the Prisma Access location (VPC 2).

In the

Networking

area, select

Virtual Private Cloud.

Select

Create VPC

Create a new VPC and vSwitch in the VPC.

For VPC 1, select a

Region

that is closest to the branch office in mainland China; the following example uses

China (Shenzhen)

as the location. For VPC 2, select a region outside China; the examples in this workflow use a region in Japan as VPC 2.

Wait for Alibaba Cloud to create the VPC, then select

Create VSwitch

and add three vSwitches:

One vSwitch for the management (

Mgmt

) interface.

One vSwitch for the

Untrust

interface.

One vSwitch for the

Trust

interface.

You associate these vSwitches to an Elastic Network Interface (ENI) when you create Linux instances for the VPCs in Alibaba Cloud.

Select

Create EIP

to create an elastic IP.

Specify the parameters for the Elastic IP.

Make a note of the elastic IP address; you use this address when you create a server certificate for the GlobalProtect gateway (you use the IP address as the common name (CN)).

Create VPC 2, using the same steps you used to create VPC 1, but specify a

Region

that is outside mainland China and close to a Prisma Access location.

To configure a second GlobalProtect gateway for redundancy, add another VPC. You add a VM-series firewall to the second VPC you create in a later task.

Configure Prisma Access for Mobile Users in China

Attach the CEN and Specify the Bandwidth

Prisma Access Docs

Configure Real-Name Registration and Create the VPCs in Alibaba Cloud

Prisma Access Docs

Configure Real-Name Registration and Create the VPCs in Alibaba Cloud

Recommended For You

Activation & Onboarding

SASE

Cloud-Delivered Security Services

Network Security

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner