Configure the Azure Virtual WAN

1. From the Prisma SD-WAN web interface, select CloudBlades.
2. In CloudBlades, locate the Azure Virtual WAN with vION tile and select Configure.

3. In the Azure Virtual WAN with vION Integration page, enter the following information in the fields shown below, change where appropriate.

   • VERSION: Select the version of the Azure Virtual Network Integration CloudBlade.

   • ADMIN STATE: For Admin State, select/retain Enabled.

   • AZURE TENANT ID: Provide the Directory (tenant) ID generated in the previous section on Azure application registration. It is the ID of the Azure Active directory in which an application is created.

   • AZURE CLIENT ID: Provide the Application (client) ID generated in the previous section on Azure application registration. Client ID uniquely identifies an application in the Microsoft identity platform.

   • AZURE CLIENT SECRET: Provide the client secret generated under the Azure application registration. Client secret represents the authentication key string that is generated for a given app registration.

   • AZURE SUBSCRIPTION ID: Provide the subscription ID noted down from the previous section. Subscription ID is a GUID that uniquely identifies the subscription to use Azure services

   • TRANSIT VIRTUAL NETWORK CIDR: Provide comma-separated list of non-overlapping CIDRs for each region. The CIDR represents the private address space of the Virtual Network that hosts the Prisma SD-WAN vION instances and their associated resources in Azure. Prefix lengths of /16 up to /26 are supported. Format: <Azure Region Code>:<CIDR>. Example: westus:10.10.0.0/16.

   • Optional VIRTUAL HUB CIDR: Provide a comma-separated list of non-overlapping CIDRs for each virtual hub to be deployed. Prefix lengths between /1 and /24 are supported. This field is required only for new virtual hub deployments (Greenfield). Format: <Azure Region Code>:<CIDR> Example: westus:10.35.0.0/24.

   • Optional VIRTUAL WAN RESOURCE: Provide the name of the virtual WAN resource to be considered. This virtual WAN resource is used when deploying new vHUB(s) or referring to existing vHUB(s) identified in the Virtual Hub Resource(s) configuration. Format: <Resource Group Name>:<Virtual WAN Name>.

   • Optional VIRTUAL HUB RESOURCES: Provide a comma-separated list of virtual hub resource(s) in the respective region(s) with which peering is established. All virtual hubs need to reside within the same vWAN instance identified by the Virtual WAN Resource configuration. Format: <Virtual Hub Name>.

   Only virtual hubs in the same region can be associated with the transit vNET deployment in that region.
4. Click Save and Install after the settings are configured.
   The deployment time for Greenfield deployments is around 20 to 25 minutes and the time taken for Brownfield deployments is around 10 to 15 minutes.