Configure Custom Liveliness Probe

Prisma Access for Networks uses the concept of an Infrastructure Subnet when creating the Service Setup under the plugin. The Infrastructure Subnet is required for services within a given Prisma Access Tenant.

When you create an Infrastructure Subnet, the last usable IP address provided becomes the following set of services within Prisma Access:

Captive Portal Redirect IP Address
Remote Network DNS Proxy IP Address
Tunnel Monitor IP Address

When the CloudBlade creates a standard VPN to Prisma Access, the default is to use the Tunnel Monitor IP Address within the Prisma Access Infrastructure, using a Liveliness probe. There might be times when a probe might need to be changed from the default, to monitor additional services external of Prisma Access for a given business requirement.

Within the CloudBlade, the default is to use the last usable Infrastructure IP address. To use a different Liveliness Probe, uncheck the box within the CloudBlade.
To configure a custom Liveliness Probe, navigate to
Manage
Resources
Service & DC Groups
within the Prisma SD-WAN web interface.

Within the
Service & DC Groups
, look for and click
Endpoints
.

The default view within
Endpoints
will be Prisma SD-WAN.
Click
Standard VPN
from the drop-down.

For a given Prisma Access Region, find and click
Liveliness Probe
.

The default probe for Prisma Andorra, which was chosen in this section is using the last usable IP address in the Infrastructure Subnet.

To add another IP address or modify the probe, edit or add an ICMP ping as appropriate.
In the following example, an additional ICMP probe is added.

For this standard VPN to Prisma Access (Prisma Andorra), an additional ICMP probe to 8.8.8.8 is added to the Liveliness Probe.

Repeat this step for each location that needs to be adjusted for a given business requirement.