Learn about when loopback IP addresses can change for
mobile user deployments.
Where Can I Use
This?
What Do I Need?
Prisma Access (Managed by Strata Cloud Manager)
Prisma Access (Managed by Panorama)
Prisma Access license
Loopback addresses are IP addresses used by Prisma Access for requests made to an internal
source and are assigned from the infrastructure subnet. Loopback IP addresses can
change for mobile users during an infrastructure or dataplane upgrade.
Loopback IP addresses do not change for service connections
or remote network connections during an infrastructure or dataplane
upgrade; only mobile user loopback IP addresses can change.
Prisma Access allocates the loopback IP addresses from the infrastructure subnet that you
specify when you enable the Prisma Access infrastructure. You can
add the entire infrastructure subnet to an allow list and avoid planning for mobile user
loopback IP changes during an infrastructure or dataplane upgrade. To find the
infrastructure subnet, select:
Prisma Access (Managed by Strata Cloud Manager): WorkflowsPrisma Access SetupPrisma AccessInfrastructure Settings and view the Infrastructure Subnet
Prisma Access (Managed by Panorama): PanoramaCloud ServicesStatusNetwork DetailsService Infrastructure and view the Infrastructure Subnet
Retrieve these addresses using the API used to retrieve public IP and loopback IP addresses.
The following example shows a Prisma Access deployment that has
an infrastructure subnet of 172.16.0.0/16. Prisma Access has assigned
loopback IP addresses 172.16.0.1 and 172.16.0.3 for mobile users
from the infrastructure subnet.
After in infrastructure or dataplane upgrade (for example, to
prepare for a new release of the Cloud Services plugin), Prisma
Access assigns two different IP addresses for mobile users from
the infrastructure subnet (172.16.0.1 is changed to 172.16.0.2 and 172.16.0.3
is changed to 172.16.0.4).