Monitor ZTNA Connector

Table of Contents

Filter

Expand All | Collapse All

Prisma Access Docs

Release Notes
Version
- 6.0 Preferred and Innovation
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Activation & Onboarding
Administration
Version
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
- Prisma Access China
Integrations
Incidents & Alerts

Troubleshoot ZTNA Connector Onboarding

View ZTNA Connector Logs

Monitor ZTNA Connector

Learn how to monitor ZTNA Connector.

Where Can I Use This?	What Do I Need?
Prisma Access (Managed by Strata Cloud Manager) Prisma Access (Managed by Panorama)	We require a minimum version of Prisma Access 5.0 to enable ZTNA Connector support. Prisma Access license includes 10 connectors, 10,000 FQDNs, and 1024 IP subnets. This functionality is provided for the purpose of trying out ZTNA Connectors in your environment. The Private App add-on license includes 200 ZTNA Connectors, 10,000 FQDNs, and 1024 IP subnet functionality.

All of the ZTNA Connector components provide clear status information, logs, and diagnostic tools to help you troubleshoot any issues that arise. Use the following tools to monitor your ZTNA Connector deployment.

View the status of your applications and Connectors from within the Prisma SASE platform.
- Select WorkflowsZTNA ConnectorApplication Targets and verify that the Status of all Application Targets is Up.
  
  If the status shows Down, the Connector can't reach your application. After you fix the issue with the application, click the refresh status button in the Action column and verify that the Status changes to Up (the status automatically refreshes once per minute).
  The status is also Up if the application is reachable from ZTNA connector (using the last successful DNS resolution result) but the DNS resolution of the Application FQDN fails from the ZTNA connector.
- Select WorkflowsZTNA ConnectorConnectors and make sure the Status of all Connectors is Up.
  
  If the Status shows Tunnel Down, it indicates that the IPSec tunnel between the Connector VM and Prisma Access is down. If the Status shows Connection Down it indicates that the Connector VM is down. Click the diagnostics icon
  
  to launch a remote shell connection to the Connector to troubleshoot the issue. You can run a ping, TCP Ping, traceroute, nslookup, or dump overview to help you diagnose the connectivity issue.