Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
Enable DDNS for Mobile Users—GlobalProtect
Updated on
Tue Nov 21 22:16:33 UTC 2023
Focus
Download PDF
Updated on
Tue Nov 21 22:16:33 UTC 2023
Focus
Home
Prisma
Prisma Access
Prisma Access Advanced Deployments
Prisma Access Mobile Users—GlobalProtect Advanced Deployments
Dynamic DNS Registration Support for Mobile Users—GlobalProtect
Enable DDNS for Mobile Users—GlobalProtect
Download PDF
Enable DDNS for Mobile Users—GlobalProtect
Table of Contents
Filter
Expand All
|
Collapse All
Prisma Access Docs
Administration
Version
Prisma Access China
4.0 & Later
3.2 Preferred and Innovation
3.1 Preferred and Innovation
3.0 Preferred and Innovation
2.2 Preferred
Integrations
Incidents & Alerts
Release Notes
Version
5.0 Preferred and Innovation
4.2 Preferred
4.1 Preferred
4.0 Preferred
3.2 Preferred and Innovation
3.1 Preferred and Innovation
3.0 Preferred and Innovation
2.2 Preferred
Previous
Dynamic DNS Registration Support for Mobile Users—GlobalProtect
Next
Verify Dynamic DNS Configuration
Enable DDNS for Mobile Users—GlobalProtect
Enable Dynamic DNS updates for your Mobile Users—GlobalProtect deployment.
To update your DNS server with A and PTR records of your GlobalProtect mobile users, complete following steps.
Create an authentication key in your DNS server.
This example uses
Infoblox
as the DNS server.
Log in to your DNS server.
Select
Data Management
DNS
Grid DNS Properties
Updates
.
Allow updates from
Set of ACEs
.
Add a
TSIG Key
after filling details.
Select the
256
key algorithm.
Generate Key Data
to create a new key. Select the
256
key data.
Copy the key data to a file in the following format and save the file with .key extension.
key "ddns-gp" { algorithm hmac-sha256; secret "wCJKVYUtQt644eVOWnowgw=="; };
You upload this key to Prisma Access Cloud Services plugin in a later step.
In your Prisma Access deployment, specify your DNS server as the primary DNS server.
Select
Panorama
Setup
Services
.
Edit
the settings and update the primary DNS server details.
Configure the DDNS settings.
Select
Panorama
Cloud Services
Configuration
Service Setup
.
Select
Service Operations
Dynamic DNS Configuration
and
Enable DDNS
.
(
Optional
)
Configure TTL
, which is the time-to-live (TTL) value, to the frequency at which you want Prisma Access to refresh FDQN in its cache.
The value is set to 9 hours by default.
Upload the DDNS authentication key that you created in Step
1
from your DNS server.
Commit to Panorama
.
Previous
Dynamic DNS Registration Support for Mobile Users—GlobalProtect
Next
Verify Dynamic DNS Configuration
Recommended For You