Use Predefined IPSec Templates to Onboard Service and Remote Network Connections

Prisma Access includes predefined IPSec templates for common third-party IPSec and SD-WAN devices. These profiles expedite and simplify the onboarding of service connections and remote network connections that use one of these devices to terminate the connection.
Sharing a common template also allows you to Onboard Multiple Remote Network Connections of the Same Type with commonly-shared cryptos, pre-shared keys, and Peer identifiers.
Prisma Access provides you with the following predefined templates that you can use to set up IPSec tunnels between your on-premises device and Prisma Access:
  • IPSec Tunnels (
    IPSec Tunnels
    ) under Remote_Network_Template and Service_Conn_Template.
  • IKE Gateways (
    Network Profiles
    IKE Gateways
    ) under Remote_Network_Template and Service_Conn_Template.
  • IPSec Crypto Profiles (
    Network Profiles
    IPSec Crypto
    ) under Remote_Network_Template and Service_Conn_Template.
  • IKE Crypto Profiles (
    Network Profiles
    IKE Crypto
    ) under Remote_Network_Template and Service_Conn_Template.
Currently, templates for the following vendors are available:
In addition to the following templates, we provide a Generic template that you can use with any on-premises device that is not listed here.
  • Cisco appliances:
    • Cisco Integrated Services Routers (ISRs)
    • Cisco Adaptive Security Appliances (ASAs)
  • Citrix
  • Prisma SD-WAN (formerly CloudGenix)
  • Riverbed
  • Silver Peak
Use the following workflows to onboard service connections or remote network connections using the predefined IPSec templates.

Recommended For You