Learn about when loopback IP addresses can change for
mobile user deployments.
Where Can I Use
This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access (Managed by Panorama)
Prisma Access license
Loopback addresses are IP addresses used by Prisma Access for
requests made to an internal source and are assigned from the infrastructure subnet.
Loopback IP addresses can change during for mobile users during
an infrastructure or dataplane upgrade.
Loopback IP addresses do not change for service connections
or remote network connections during an infrastructure or dataplane
upgrade; only mobile user loopback IP addresses can change.
Prisma Access allocates the loopback IP addresses from the infrastructure subnet that you specify
when you enable the . You can add the entire infrastructure subnet to an allow list
and avoid planning for mobile user loopback IP changes during an infrastructure or
dataplane upgrade. To find the infrastructure subnet, select:
Prisma Access (Managed by Strata Cloud Manager): WorkflowsPrisma Access SetupPrisma AccessInfrastructure Settings and view the Infrastructure Subnet
Prisma Access (Managed by Panorama): PanoramaCloud ServicesStatusNetwork DetailsService Infrastructure and view the Infrastructure Subnet
Retrieve these addresses using the API used to retrieve public IP and loopback IP addresses.
The following example shows a Prisma Access deployment that has
an infrastructure subnet of 172.16.0.0/16. Prisma Access has assigned
loopback IP addresses 172.16.0.1 and 172.16.0.3 for mobile users
from the infrastructure subnet.
After in infrastructure or dataplane upgrade (for example, to
prepare for a new release of the Cloud Services plugin), Prisma
Access assigns two different IP addresses for mobile users from
the infrastructure subnet (172.16.0.1 is changed to 172.16.0.2 and 172.16.0.3
is changed to 172.16.0.4).