Enable DDNS for Mobile Users—GlobalProtect
Table of Contents
Expand All
|
Collapse All
Prisma Access Docs
-
-
- Prisma Access China
- 4.0 & Later
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
-
-
-
- 5.2 Preferred and Innovation
- 5.1 Preferred and Innovation
- 5.0 Preferred and Innovation
- 4.2 Preferred
- 4.1 Preferred
- 4.0 Preferred
- 3.2 Preferred and Innovation
- 3.1 Preferred and Innovation
- 3.0 Preferred and Innovation
- 2.2 Preferred
Enable DDNS for Mobile Users—GlobalProtect
Enable Dynamic DNS updates for your Mobile Users—GlobalProtect deployment.
To update your DNS server with A and PTR records
of your GlobalProtect mobile users, complete following steps.
- Create an authentication key in your DNS server.This example uses Infoblox as the DNS server.
- Log in to your DNS server.Select Data ManagementDNSGrid DNS PropertiesUpdates.Allow updates from Set of ACEs.Add a TSIG Key after filling details.
- Select the 256 key algorithm.
- Generate Key Data to create a new key. Select the 256 key data.
Copy the key data to a file in the following format and save the file with .key extension.key "ddns-gp" { algorithm hmac-sha256; secret "wCJKVYUtQt644eVOWnowgw=="; };You upload this key to Prisma Access Cloud Services plugin in a later step.In your Prisma Access deployment, specify your DNS server as the primary DNS server.- Select PanoramaSetupServices.Edit the settings and update the primary DNS server details.Configure the DDNS settings.
- Select PanoramaCloud ServicesConfigurationService Setup.Select Service OperationsDynamic DNS Configuration and Enable DDNS.(Optional) Configure TTL, which is the time-to-live (TTL) value, to the frequency at which you want Prisma Access to refresh FDQN in its cache.The value is set to 9 hours by default.Upload the DDNS authentication key that you created in Step 1 from your DNS server.Commit to Panorama.