Enable DDNS for Mobile Users—GlobalProtect

Prisma Access

Enable DDNS for Mobile Users—GlobalProtect

Table of Contents

Enable DDNS for Mobile Users—GlobalProtect

Enable Dynamic DNS updates for your Mobile Users—GlobalProtect deployment.
Where Can I Use This?
What Do I Need?
  • Prisma Access (Panorama Managed)
To update your DNS server with A and PTR records of your GlobalProtect mobile users, complete following steps.
  1. Create an authentication key in your DNS server.
    This example uses Infoblox as the DNS server.
    1. Log in to your DNS server.
    2. Select
      Data Management
      Grid DNS Properties
    3. Allow updates from
      Set of ACEs
    4. Add a
      TSIG Key
      after filling details.
      • Select the
        key algorithm.
      • Generate Key Data
        to create a new key. Select the
        key data.
    5. Copy the key data to a file in the following format and save the file with .key extension.
      key "ddns-gp" { algorithm hmac-sha256; secret "wCJKVYUtQt644eVOWnowgw=="; };
      You upload this key to Prisma Access Cloud Services plugin in a later step.
  2. In your Prisma Access deployment, specify your DNS server as the primary DNS server.
    1. Select
    2. Edit
      the settings and update the primary DNS server details.
  3. Configure the DDNS settings.
    1. Select
      Cloud Services
      Service Setup
    2. Select
      Service Operations
      Dynamic DNS Configuration
      Enable DDNS
    3. (
      Configure TTL
      , which is the time-to-live (TTL) value, to the frequency at which you want Prisma Access to refresh FDQN in its cache.
      The value is set to 9 hours by default.
    4. Upload the DDNS authentication key that you created in Step 1 from your DNS server.
  4. Commit to Panorama

Recommended For You