1. Home
    2. Prisma
    3. Prisma Access
    4. Prisma Access Integration Guide (Panorama Managed)
    5. Onboard Mobile Users and Branch Offices in Mainland China
    6. Connect your Mobile Users in Mainland China to Prisma Access
    7. Configure Alibaba Cloud for Mobile Users in China
    8. Configure Real-Name Registration and Create the VPCs in Alibaba Cloud

    Configure Real-Name Registration and Create the VPCs in Alibaba Cloud

    Before you begin configuration in Alibaba Cloud, you must complete Real-Name Registration and configure and purchase bandwidth for CEN.
    1. Complete real-name registration in Alibaba Cloud, if you have not done so already.
      Organizations with an international Alibaba Cloud account can use a copy of a valid Driver’s license or passport to complete this registration. After you obtain the required documents, select Alibaba Cloud account management to submit required information and documents.
    2. Determine the amount of bandwidth you require between the branch office and service connection to access corporate applications and resources.
      You use this information when you create the CEN for the VPCs. You can use both the required bandwidth for the CEN and the cost of the CEN in your determination.
    3. Create the VPC in China (VPC 1) and for the Prisma Access location (VPC 2).
      1. Log in to the Alibaba Cloud console.
      2. In the
        Networking
         area, select
        Virtual Private Cloud.
      3. Select
        Create VPC
        .
      4. Create a new VPC and vSwitch in the VPC.
        For VPC 1, select a
        Region
         that is closest to the branch office in mainland China; the following example uses
        China (Shenzhen)
         as the location. For VPC 2, select a region outside China; the examples in this workflow use a region in Japan as VPC 2.
      5. Wait for Alibaba Cloud to create the VPC, then select
        Create VSwitch
         and add three vSwitches:
        • One vSwitch for the management (
          Mgmt
          ) interface.
        • One vSwitch for the
          Untrust
           interface.
        • One vSwitch for the
          Trust
           interface.
        You associate these vSwitches to an Elastic Network Interface (ENI) when you create Linux instances for the VPCs in Alibaba Cloud.
      6. Select
        Create EIP
         to create an elastic IP.
      7. Specify the parameters for the Elastic IP.
        Make a note of the elastic IP address; you use this address when you create a server certificate for the GlobalProtect gateway (you use the IP address as the common name (CN)).
      8. Create VPC 2, using the same steps you used to create VPC 1, but specify a
        Region
         that is outside mainland China and close to a Prisma Access location.
    4. To configure a second GlobalProtect gateway for redundancy, add another VPC. You add a VM-series firewall to the second VPC you create in a later task.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo