The following sections detail various operations and troubleshooting scenarios related to
the integration process:
Enable, Pause, Disable and Uninstall the Integration
After the Integration has been set up, operations can be done in the
CloudBlade panel. These operations have various effects on the Tunnels and
configurations in Prisma SD-WAN and Azure.
Set the CloudBlade to Enabled
This is the standard, expected mode of operation for the Extension. The
CloudBlade will run every 60 seconds, find any new Sites/Interfaces with the
appropriate tags, and configure the integration on Azure and Prisma SD-WAN. In addition, during this integration run if any
settings were previously modified manually on either Prisma SD-WAN or
Azure (e.g. VPN site object accidentally removed in the Azure portal) these will be
reverted to the known good state automatically.
Set the CloudBlade to Paused
Pausing the CloudBlade stops all future integration runs but leaves any created
objects intact. This stops any future objects from getting created, but does NOT
prevent removal of any unconfigured/untagged objects on either Prisma SD-WAN or Azure.
Set the CloudBlade to Disabled
Disabling the CloudBlade tells the system to remove and delete all configurations
created by the CloudBlade. This can cause communication interruptions if policy is
not set to use other paths. Note that IPSEC policies, IKE policies, and Prisma SD-WAN Endpoints and Service and DC groups are not
automatically deleted and must be removed manually.
Uninstall the CloudBlade
Uninstalling the CloudBlade removes the configuration for the CloudBlade, and
immediately stops any changes by the CloudBlade. Uninstalling the CloudBlade does
not automatically remove configuration from all sites and objects. CloudBlades may
be Uninstalled and Reinstalled to facilitate upgrades or downgrades to different
versions without traffic interruption. To completely remove all items, please set
the CloudBlade to Disabled for 2-3 Integration Run periods (180 seconds) before
Uninstalling.
