Use the Prisma SD-WAN GCP Deployment Template

1. Login to the GCP web interface, search and select Prisma SD WAN ION Virtual Appliance to launch.

   If you do not have the required APIs enabled you can do so here:

2. On the deployment screen, complete the following sections:

   1. Deployment Name (can use default).
   2. Availability Zone to deploy ION, should match the region for the subnets you created previously.
   3. Current version is 5.5.3, ION can be upgraded to latest version once deployed from the Prisma SD-WAN web interface.
   4. Use the License Key that was generated from the Prisma SD-WAN web interface.
   5. Use the License Secret that was generated from the Prisma SD-WAN web interface.
   6. On the Controller Interface, select the Controller VPC/Subnet you created previously and ensure Enable Public IP is selected.
   7. On Internet Interface, select the Internet VPC/Subnet you created previously and ensure Enable Public IP is selected. Add 0.0.0.0/0 to the Source IP GCP Firewall to permit VPN traffic from the Prisma SD-WAN Branches
   8. On Peering Interface, select the Peering VPC/Subnet you created previously.

   9. Click Deploy to start the deployment of the virtual appliance.

      Once deployment is complete you will see the following screen.

3. Finally, reserve the external IP address assigned to your internet port (nic1).

   This IP address is used to terminate the SD-WAN VPNs and must be static. Navigate to VPC networks -> External IP addresses, you should see the output below.

4. Select the external IP address associated with nic1 and reserve it.