How BGP Advertises Mobile User IP Address Pools for Service Connections
and Remote Network Connections
If you enable BGP for service connections or remote
network connections, after you Secure Mobile Users With GlobalProtect, Prisma Access
allocates the mobile user IP address pools you specified using Class
C (/24) address blocks. BGP therefore advertises allocated mobile
user subnets in blocks of /24, rather than the entire pool(s) associated
with that region. When Prisma Access adds a /24 subnet for a Prisma
Access gateway, it automatically sends a BGP advertisement. As subnets
are added and removed, Prisma Access automatically updates its BGP
advertisements. This allocation method provides more flexibility
when advertising BGP routes, especially if you configured a
instead of allocating pools per region. Dividing the IP address
pool into smaller subnets allows the same subnet to be added, removed,
or deleted and then reused in different regions when allocated address
space is exhausted.
The following screenshot, from
shows three /20 IP pools for mobile users divided by region.
Show BGP Status
Branch AS and Router
area), shows the
mobile users address pool divided into blocks of /24 subnets for
BGP route advertisements. Note that the entire /20 subnets are not advertised.