Loopback addresses are IP addresses used by Prisma Access for requests made to an internal source and are assigned from the infrastructure subnet. Loopback IP addresses can change during for mobile users during an infrastructure or dataplane upgrade.

Prisma Access allocates the loopback IP addresses from the infrastructure subnet that you specify when you enable the . You can add the entire infrastructure subnet to an allow list and avoid planning for mobile user loopback IP changes during an infrastructure or dataplane upgrade. To find the infrastructure subnet, select:

• Prisma Access (Managed by Strata Cloud Manager): WorkflowsPrisma Access SetupPrisma AccessInfrastructure Settings and view the Infrastructure Subnet
• Prisma Access (Managed by Panorama): PanoramaCloud ServicesStatusNetwork DetailsService Infrastructure and view the Infrastructure Subnet

Retrieve these addresses using the API used to retrieve public IP and loopback IP addresses.

The following example shows a Prisma Access deployment that has an infrastructure subnet of 172.16.0.0/16. Prisma Access has assigned loopback IP addresses 172.16.0.1 and 172.16.0.3 for mobile users from the infrastructure subnet.

After in infrastructure or dataplane upgrade (for example, to prepare for a new release of the Cloud Services plugin), Prisma Access assigns two different IP addresses for mobile users from the infrastructure subnet (172.16.0.1 is changed to 172.16.0.2 and 172.16.0.3 is changed to 172.16.0.4).