Enable DDNS for Mobile Users—GlobalProtect
Table of Contents
Enable DDNS for Mobile Users—GlobalProtect
Enable Dynamic DNS updates for your Mobile Users—GlobalProtect deployment.
To update your DNS server with A and PTR records
of your GlobalProtect mobile users, complete following steps.
- Create an authentication key in your DNS server.This example uses Infoblox as the DNS server.
- Log in to your DNS server.
- Select .
- Allow updates fromSet of ACEs.
- Add aTSIG Keyafter filling details.
- Select the256key algorithm.
- Generate Key Datato create a new key. Select the256key data.
- Copy the key data to a file in the following format and save the file with .key extension.key "ddns-gp" { algorithm hmac-sha256; secret "wCJKVYUtQt644eVOWnowgw=="; };You upload this key to Prisma Access Cloud Services plugin in a later step.
- In your Prisma Access deployment, specify your DNS server as the primary DNS server.
- Select .
- Editthe settings and update the primary DNS server details.
- Configure the DDNS settings.
- Select .
- Select andEnable DDNS.
- (Optional)Configure TTL, which is the time-to-live (TTL) value, to the frequency at which you want Prisma Access to refresh FDQN in its cache.The value is set to 9 hours by default.
- Upload the DDNS authentication key that you created in Step 1 from your DNS server.
- Commit to Panorama.