>
    Onboard a ZTNA Connector in Microsoft Azure
    Focus
    Download PDF
    Focus
    1. Home
    2. Prisma Access
    3. Prisma Access Administration
    4. Prisma Access ZTNA Connector
    5. Onboard the ZTNA Connector VM in Your Data Center
    6. Microsoft Azure Deployments Supported by ZTNA Connector
    7. Onboard a ZTNA Connector in Microsoft Azure
    Download PDF
    Prisma Access

    Onboard a ZTNA Connector in Microsoft Azure

    Table of Contents

    Onboard a ZTNA Connector in Microsoft Azure

    ZTNA Connector deployment in Microsoft Azure.
    • Review the requirements and guidelines and the FQDNs and ports you need to configure to use ZTNA Connector in Microsoft Azure.
    • On the Prisma SASE Platform, retrieve and copy the Connector key and secret values: WorkflowsZTNA ConnectorConnectors, find the Connector object you created in Prisma Access to associate with this VM, and select Copy Token; then, copy the Key and Secret values.
    • For Prisma Access ZTNA Connector 1-Arm Auto-Scaling deployment, you must retrieve and copy the Connector Group key and secret values: WorkflowsZTNA ConnectorConnector Groups, find the Connector Group object you created in Prisma Access to associate with this VM, and select Copy Token; then, copy the Key and Secret.
    After you’ve met all the prerequisites, follow these steps to onboard a ZTNA Connector in Microsoft Azure.
    1. Log in to Azure Marketplace, and search for Prisma Access ZTNA Connector.
    2. Click Get it Now.
    3. Continue the creation process.
    4. Choose the software plan and Create this application in Azure:

    Deploy ZTNA Connector 1-Arm in Microsoft Azure

    Follow these steps to deploy the 1-Arm ZTNA Connector in Microsoft Azure:
    1. Configure the following on the Basics tab:
      • Select your Azure Subscription to manage deployed resources.
      • Select an existing Resource Group or Create new.
      • Select an Azure Region relevant to your location.
      • Click Next: Prisma ZTNA Connector Configuration.
    2. Configure a virtual network on the Prisma ZTNA Connector Configuration tab:
      • Create a new virtual network or select an existing Virtual network.
      • Select the Data Center LAN Subnet, where you've provisioned applications to onboard to this Connector.
      • Enter the Prisma ZTNA Connector VM Name.
      • Enter the Prisma ZTNA Connector License Key and Prisma ZTNA Connector License Secret values you retrieved from the Prisma SASE Portal.
      • Review + create to review your managed Prisma ZTNA Connector configuration.
    3. Confirm the details you've provided and click Create to start the virtual machine deployment.
    4. After deployment is complete, select Go to resource.

    Deploy ZTNA Connector 1-Arm with Autoscale in Microsoft Azure

    1. Configure the following on the Basics tab:
      • Select your Azure Subscription to manage deployed resources.
      • Select an existing Resource Group or Create new.
      • Select an Azure Region relevant to your location.
      • Click Next: Prisma ZTNA Connector Configuration.
    2. Configure a virtual network on the Next: Prisma ZTNA Connector Configuration tab:
      • Create a new Virtual network or select an existing Virtual network.
      • Select the Data Center LAN Subnet, where you've provisioned applications to onboard to this Connector.
      • Enter the Prisma ZTNA Connector Auto Scale Set Name, specifying the name of the scaleset created in Azure.
      • Enter the Prisma ZTNA Connector Autoscale Set Max Instance Count. The maximum number of ZTNA Connectors allowed in the Connector Group is 4.
      • Enter the Prisma ZTNA Connector Incoming Mbps Metric for ScaleOut. Enter a value between 100 to 1000.
      • Enter the Prisma ZTNA Connector Incoming Mbps Metric for ScaleIn. Enter a value between 1 to 500.
      • Enter the Prisma ZTNA Connector License Key and Prisma ZTNA Connector License Secret values you retrieved from the Prisma SASE Portal for the Connector Group where you want to onboard the Connector.
      • Review + create to review your managed Prisma ZTNA Connector configuration.
    3. Confirm the details you've provided and click Create to start the virtual machine deployment.
    4. After deployment is complete, select Go to resource group.

    Deploy ZTNA Connector 2-Arm in Microsoft Azure

    Follow these steps to deploy the 2-Arm ZTNA Connector in Microsoft Azure:
    1. Configure the following on the Basics tab:
      • Select your Azure Subscription to manage deployed resources.
      • Select an existing Resource Group or Create new.
      • Select an Azure Region relevant to your location.
      • Click Next: Prisma ZTNA Connector Configuration.
    2. Configure a virtual network on the Next: Prisma ZTNA Connector Configuration tab:
      • Create a new Virtual network or use an existing Virtual network.
      • Select the Internet/Public Subnet for WAN connectivity to IPSec. You need to have the subnet associated with a NAT gateway for internet connectivity.
      • Select the Data Center LAN Subnet, where you've provisioned the applications to onboard to this Connector.
      • Enter the Prisma ZTNA Connector VM Name.
      • Enter the LAN Interface Private IP address.
      • Enter the IP address of the LAN Interface Default Gateway.
      • Enter the IP address of the LAN Interface DNS Server.
      • Enter the Prisma ZTNA Connector License Key and Prisma ZTNA Connector License Secret values you retrieved from the Prisma SASE Portal.
      • Review + create to review your managed Prisma ZTNA Connector configuration.
    3. Confirm the details you've provided and click Create to start the virtual machine deployment.
    4. After deployment is complete, select Go to resource.

    © 2024 Palo Alto Networks, Inc. All rights reserved.