1. Home
Location
    Techdocs Logo Techdocs Logo
    • Documentation Home
    • Palo Alto Networks
    • Support
    • Live Community
    • Knowledge Base
    1. Home
    2. Prisma
    3. Prisma SD-WAN
    4. Prisma SD-WAN Administrator’s Guide
    5. Prisma SD-WAN Sites and Devices
    6. Set Up Devices
    7. Assign the ION Device
    Download PDF
    Last Updated:
    Tue Mar 07 18:27:06 UTC 2023

    Table of Contents


    Filter icon
    Filter
    Get Started with Prisma SD-WAN
    Prisma SD-WAN Key Elements
    Deployment Modes
    Activate and Launch Prisma SD-WAN
    Prisma SD-WAN Web Interface—At a Glance
    Prisma SD-WAN Summary
    Site Summary Dashboard
    Prisma SD-WAN Predictive Analytics Dashboard
    Prisma SD-WAN Applications Dashboard
    Prisma SD-WAN Link Quality
    Prisma SD-WAN Sites and Devices
    Set Up Sites
    Configure Circuits
    Configure Circuit Categories
    Configure Device Initiated Connections for Circuits
    Add a Branch
    Add a Data Center
    Manage Data Center Clusters
    Configure a Site Prefix
    Configure a DHCP Server
    Configure NTP for Prisma SD-WAN
    Set Up Devices
    Connect the ION Device
    Claim the ION Device
    Assign the ION Device
    Return Device to MSP
    Configure Device Access One-Time Password
    Configure the ION Device at a Branch Site
    Configure the ION Device at a Data Center
    Switch a Site to Control Mode
    Allow IP Addresses in Firewall Configuration
    Configure Layer 2 Switch Ports
    Add a VLAN or Switch Virtual Interface (SVI)
    Configure VLAN on Switch Ports
    Edit Switch Configurations
    Monitor Switch Activity and Statistics
    Prisma SD-WAN Ports and Interfaces
    Configure a Controller Port
    Configure Internet Ports
    Configure WAN/LAN Ports
    Configure Cellular Modules
    Configure Cellular Interfaces
    Create a Customized APN Profile
    Modify Cellular SIM Settings
    Manage SIM Operations
    Customize Cellular Firmware
    Configure a Sub-Interface
    Configure a Loopback Interface
    Virtual Interface
    Deployment Topologies of Virtual Interface
    Add and Configure a Virtual Interface
    Prisma SD-WAN Standard VPN
    Create an IPsec Profile
    Configure Generic Routing Encapsulation (GRE) Tunnels
    Bypass Pair
    Configure a Bypass Pair
    Configure LAN State Propagation
    Configure a PoE Port
    Configure Interface level PoE Ports
    Configure System Level PoE Ports
    Monitor PoE Activity and Stats
    Configure LLDP
    Monitor LLDP Activity and Status
    Configure a PPPoE Interface
    Configure a Layer 3 LAN Interface
    Configure Application Reachability Probes
    Configure a Secondary IP Address
    Configure a Static ARP
    Configure a DHCP Relay
    Configure IP Directed Broadcast
    VPN Keep-Alives
    Configure VPN Keep-Alives for Circuit Categories
    Configure VPN Keep-Alives for Circuits
    Configure VPN Keep-Alives for Secure Fabric Links
    Use External Services for Monitoring
    Prisma SD-WAN IP Flow Information Export (IPFIX) Protocol
    Configure IPFIX
    Configure IPFIX Profiles
    Configure IPFIX Templates
    Configure Collector Contexts
    Configure Filter Contexts
    Configure Global IPFIX Prefixes
    Configure Local IPFIX Prefixes
    Attach an IPFIX Profile to an ION Device
    Attach a Collector Context to a Device Interface
    Attach a Filter Context to a Device Interface
    Configure High Availability (HA) for IPFIX
    Flow Information Elements
    Options Information Elements
    Configure DNS on Prisma SD-WAN
    DNS Service
    Configure the DNS Service on the Prisma SD-WAN Interface
    Configure DNS Roles
    Configure DNS Profiles
    Configure DNS Service on the ION Device
    Prisma SD-WAN DNS Use Cases
    DNS Survivability
    Configure System for DNS Survivability
    Syslog Server Support in Prisma SD-WAN
    Syslog Flow Export
    Logs Based on Severity Levels
    Configure Syslog Server Support
    Configure SNMP
    Returned Merchandise Authorization (RMA)
    RMA Wizard
    Replace a Prisma SD-WAN ION Device
    Return the ION Device to Prisma SD-WAN
    Upgrade ION Device Software
    Schedule Software Upgrade
    View Device Software Upgrade Status
    Prisma SD-WAN Administrator Authorization and Authentication
    Role Based Access Control
    System Roles
    Add a New User on Prisma SD-WAN
    Custom Roles
    Create Custom Roles
    Assign System or Custom Role
    Add a Device User on Prisma SD-WAN
    Add Device Access to User on Prisma SD-WAN
    Single Sign On Access using SAML
    Request SAML Access
    Exchange SAML Metadata
    Configure SAML Users and Groups
    Map Roles and Permissions
    Enable SAML Access to End Users
    SAML Setup Errors
    Client Authentication using 802.1x/MAC Authentication
    Add the RADIUS Server
    Supported RADIUS Attribute Value Pairs (AVPs)
    Monitor RADIUS Server Stats and Activity
    Audit Logs
    Work with Audit Logs
    Prisma SD-WAN Branch and Data Center Routing
    Prisma SD-WAN Branch Routing
    Prisma SD-WAN Data Center Routing
    Configure a Static Route
    Configure NextHop Reachability Probe
    Configure Dynamic Routing
    Enable BGP for Private WAN and LAN
    Configure BGP Global Parameters
    Global or Local Scope for BGP Peers
    Configure a BGP Peer
    Configure a Route Map
    Configure a Prefix List
    Configure an AS Path List
    Configure an IP Community List
    View Routing Status and Statistics
    Prisma SD-WAN Multicast Routing
    Configure Multicast
    Create a WAN Multicast Configuration Profile
    Assign WAN Multicast Configuration Profiles to Branch Sites
    Configure a Multicast Source at a Branch Site
    Configure Global Multicast Parameters
    Configure a Multicast Static Rendezvous Point (RP)
    Learn Rendezvous Points (RPs) Dynamically
    View LAN Statistics for Multicast
    View WAN Statistics for Multicast
    View IGMP Membership
    View the Multicast Route Table
    View Multicast Flow Statistics
    Prisma SD-WAN Stacked Policies
    Migrate Original Policy Sets to Stacked Policy Sets
    Simple Path and QoS Stacks
    Add Simple Path or QoS Stacks
    Advanced Path and QoS Stacks
    Add Advanced Path or QoS Stacks
    Add QoS Policy Sets
    Add QoS Policy Rules
    Add a Path Policy Set
    Add a Path Policy Rule
    L3 Failure Paths
    Minimize Metered LTE Usage
    Bind Path or QoS Stacks to Sites
    Custom Applications and System Application Overrides
    Configure Custom Applications
    Configure System Application Overrides
    Service and Data Center Groups
    Add a Standard VPN Endpoint
    Add Groups
    Add Domains
    Bind Domain to Sites
    Use Prisma SD-WAN Data Center Endpoints
    Use Service Endpoint Groups in Policies
    Configure Network Contexts
    Attach Network Contexts to LANs
    Configure Circuit Capacities
    Configure DSCP
    Prefixes
    Configure Global Prefixes
    Configure Local Prefixes
    Configure Syslog Profiles
    Prisma SD-WAN Stacked Security Policies
    Add a Security Policy Stack
    Add Stacked Security Policy Sets
    Add a Stacked Security Policy Rule
    Add a Security Policy Set to a Security Stack
    Bind Security Stacks to Sites
    Add Security Zones for Stacked Security Policies
    Bind Security Zones to Sites and Devices
    Bind Security Zones to Sites
    Bind Security Zones to Interfaces
    Configure Security Prefixes
    Attach Local Security Prefixes to Sites
    Monitor Security Policy Rules
    Security Policy Migration
    Prisma SD-WAN Security Policies
    Prisma SD-WAN Security Architecture
    Prisma SD-WAN ZBFW
    ZBFW Contructs
    ZBFW Application
    ZBFW Prefix Filters
    ZBFW Zones
    Security Policy Sets
    Security Policy Rules
    Actions
    Configure Security Policies
    Create Zones
    Bind Zones to Sites and Devices
    Bind Zones to Sites
    Bind Zones to Devices
    Create Prefix Filters
    Create a Security Policy Set
    Create Security Policy Rules
    Bind a Security Policy Set to a Site
    Modify and Delete Policy Rules and Sets
    Change Security Rule Order
    Manage Existing Security Policy Rules
    Edit a Security Policy Set
    Clone a Security Policy Set
    Delete a Security Policy Set
    Prisma SD-WAN NAT Policies
    Add a NAT Stack
    Add NAT Policy Sets
    Add a NAT Policy Rule
    Add a NAT Policy Set to a NAT Stack
    Bind NAT Stacks to Sites
    Configure NAT Zones
    Bind NAT Zones to Interfaces
    Configure NAT Pools
    Bind NAT Pools to Interfaces
    Configure NAT Prefixes
    Use Cases
    Default Source NAT
    Destination NAT
    Static NAT
    ALG Disable
    Prisma SD-WAN Event Policies
    Event Policy Constructs
    Event Policy Framework—Use Cases
    Create a New Event Policy Set
    Create New Event Policy Rule
    Prisma SD-WAN Branch High Availability
    Prisma SD-WAN Branch HA Key Concepts
    Configure Branch HA
    Configure HA Groups
    Add ION Devices to HA Groups
    View Device Configuration of HA Groups
    Edit HA Groups and Group Membership
    Branch HA with Internet, MPLS, and a Layer 3 LAN Switch-Topology 1
    Configure Branch HA with Internet, MPLS, and a Layer 3 LAN Switch Topology-1
    Branch HA with a Firewall on Internet, MPLS, and a Layer 3 LAN Switch
    Branch HA with a Next-Generation Firewall on Internet, MPLS, and a Layer 3 LAN Switch
    Branch HA with Internet, MPLS, and a Layer 2 LAN Switch-Topology 2
    Configure Branch HA with Internet, MPLS, Layer 2 LAN Switch Topology-2
    Configure Branch HA with a Firewall on Internet, MPLS, and a Layer 2 LAN Switch
    Branch HA with Dual Internet and a Layer 3 LAN Switch-Topology 3
    Configure Topology 3
    Branch HA with Dual Internet and Next Gen Firewalls
    Branch HA with Dual Internet and a Layer 2 LAN Switch-Topology 4
    Configure Topology 4
    Branch HA for ION Devices without Bypass Pairs
    Configure Branch HA for ION Devices without Bypass Pairs
    ION 1000 HA Topology
    Prisma SD-WAN Application Visibility and Reporting
    Get Started
    Quick Filters
    Activity Charts
    Network Tab
    View Network Tab
    Network Activity Charts
    Bandwidth Utilization
    Transaction Stats
    App Health
    App Response Time
    New Flows
    Concurrent Flows
    Media Tab
    View Media Tab
    Media Charts
    Link Quality
    View Link Quality Tab
    Configure Private WAN Underlay Link Quality Aggregation
    Configure Internet Circuit Underlay Link Aggregation
    Flows Tab
    View Flows Tab
    Flows Chart
    Flow Detail
    Flow Decision Bitmap
    Flow Decision Data
    Routing Tab
    View Routing Tab
    System Tab
    View System Tab
    Cellular Tab
    View Cellular Tab
    Cellular Charts
    Prisma SD-WAN Clarity Reports
    WAN Clarity Branch Reports
    WAN Clarity Data Center Reports
    Prisma SD-WAN Alerts and Alarms
    Alerts and Alarms
    Filter Alerts and Alarms
    Event Correlation of Alarms
    Monitor Alarms
    Acknowledge Alarms
    Synchronize Alarms
    Alert and Alarm Event Categories
    Hardware and Software Issues
    Device Related Issues
    BGP Peering Issues
    Site Level Issues
    Secure Fabric Link Issues
    Service Endpoint Level Issues
    Logical Interface Level Issues
    Alert and Alarm Event Codes
    API Changes for Network Secure Fabric Link Event Codes
    Troubleshoot Alarms
    Correlate Alarms with SNMP Traps
    Prisma SD-WAN Device and Tenant Management
    Multi-Tenancy
    Prisma SD-WAN MSP Dashboard
    Monitor Tenant Devices
    Monitor Tenant Branches
    Monitor Tenant Alarms
    Access Child Tenants
    Device Lifecycle
    Tenant Types
    MSP Account Roles and Permissions
    Add a User Role in the Child Tenant
    Manage Devices for Client Tenants
    Manage System Administration in the MSP Portal
    • Get Started with Prisma SD-WAN
      • Prisma SD-WAN Key Elements
      • Deployment Modes
      • Activate and Launch Prisma SD-WAN
      • Prisma SD-WAN Web Interface—At a Glance
      • Prisma SD-WAN Summary
      • Site Summary Dashboard
      • Prisma SD-WAN Predictive Analytics Dashboard
      • Prisma SD-WAN Applications Dashboard
      • Prisma SD-WAN Link Quality
    • Prisma SD-WAN Sites and Devices
      • Set Up Sites
        • Configure Circuits
        • Configure Circuit Categories
        • Configure Device Initiated Connections for Circuits
        • Add a Branch
        • Add a Data Center
        • Manage Data Center Clusters
        • Configure a Site Prefix
        • Configure a DHCP Server
        • Configure NTP for Prisma SD-WAN
      • Set Up Devices
        • Connect the ION Device
        • Claim the ION Device
        • Assign the ION Device
        • Return Device to MSP
        • Configure Device Access One-Time Password
      • Configure the ION Device at a Branch Site
      • Configure the ION Device at a Data Center
      • Switch a Site to Control Mode
      • Allow IP Addresses in Firewall Configuration
      • Configure Layer 2 Switch Ports
        • Add a VLAN or Switch Virtual Interface (SVI)
        • Configure VLAN on Switch Ports
        • Edit Switch Configurations
        • Monitor Switch Activity and Statistics
      • Prisma SD-WAN Ports and Interfaces
        • Configure a Controller Port
        • Configure Internet Ports
        • Configure WAN/LAN Ports
        • Configure Cellular Modules
          • Configure Cellular Interfaces
          • Create a Customized APN Profile
          • Modify Cellular SIM Settings
          • Manage SIM Operations
          • Customize Cellular Firmware
        • Configure a Sub-Interface
        • Configure a Loopback Interface
        • Virtual Interface
          • Deployment Topologies of Virtual Interface
          • Add and Configure a Virtual Interface
        • Prisma SD-WAN Standard VPN
          • Create an IPsec Profile
          • Configure Generic Routing Encapsulation (GRE) Tunnels
        • Bypass Pair
          • Configure a Bypass Pair
          • Configure LAN State Propagation
        • Configure a PoE Port
          • Configure Interface level PoE Ports
          • Configure System Level PoE Ports
          • Monitor PoE Activity and Stats
        • Configure LLDP
          • Monitor LLDP Activity and Status
        • Configure a PPPoE Interface
        • Configure a Layer 3 LAN Interface
        • Configure Application Reachability Probes
        • Configure a Secondary IP Address
        • Configure a Static ARP
        • Configure a DHCP Relay
        • Configure IP Directed Broadcast
        • VPN Keep-Alives
          • Configure VPN Keep-Alives for Circuit Categories
          • Configure VPN Keep-Alives for Circuits
          • Configure VPN Keep-Alives for Secure Fabric Links
      • Use External Services for Monitoring
        • Prisma SD-WAN IP Flow Information Export (IPFIX) Protocol
          • Configure IPFIX
          • Configure IPFIX Profiles
          • Configure IPFIX Templates
          • Configure Collector Contexts
          • Configure Filter Contexts
          • Configure Global IPFIX Prefixes
          • Configure Local IPFIX Prefixes
          • Attach an IPFIX Profile to an ION Device
          • Attach a Collector Context to a Device Interface
          • Attach a Filter Context to a Device Interface
          • Configure High Availability (HA) for IPFIX
          • Flow Information Elements
          • Options Information Elements
        • Configure DNS on Prisma SD-WAN
          • DNS Service
          • Configure the DNS Service on the Prisma SD-WAN Interface
          • Configure DNS Roles
          • Configure DNS Profiles
          • Configure DNS Service on the ION Device
          • Prisma SD-WAN DNS Use Cases
          • DNS Survivability
          • Configure System for DNS Survivability
        • Syslog Server Support in Prisma SD-WAN
          • Syslog Flow Export
          • Logs Based on Severity Levels
          • Configure Syslog Server Support
        • Configure SNMP
      • Returned Merchandise Authorization (RMA)
        • RMA Wizard
        • Replace a Prisma SD-WAN ION Device
        • Return the ION Device to Prisma SD-WAN
      • Upgrade ION Device Software
        • Schedule Software Upgrade
        • View Device Software Upgrade Status
    • Prisma SD-WAN Administrator Authorization and Authentication
      • Role Based Access Control
        • System Roles
          • Add a New User on Prisma SD-WAN
        • Custom Roles
          • Create Custom Roles
        • Assign System or Custom Role
        • Add a Device User on Prisma SD-WAN
        • Add Device Access to User on Prisma SD-WAN
      • Single Sign On Access using SAML
        • Request SAML Access
        • Exchange SAML Metadata
        • Configure SAML Users and Groups
        • Map Roles and Permissions
        • Enable SAML Access to End Users
        • SAML Setup Errors
      • Client Authentication using 802.1x/MAC Authentication
        • Add the RADIUS Server
        • Supported RADIUS Attribute Value Pairs (AVPs)
        • Monitor RADIUS Server Stats and Activity
      • Audit Logs
        • Work with Audit Logs
    • Prisma SD-WAN Branch and Data Center Routing
      • Prisma SD-WAN Branch Routing
      • Prisma SD-WAN Data Center Routing
      • Configure a Static Route
        • Configure NextHop Reachability Probe
      • Configure Dynamic Routing
        • Enable BGP for Private WAN and LAN
        • Configure BGP Global Parameters
        • Global or Local Scope for BGP Peers
        • Configure a BGP Peer
        • Configure a Route Map
        • Configure a Prefix List
        • Configure an AS Path List
        • Configure an IP Community List
        • View Routing Status and Statistics
      • Prisma SD-WAN Multicast Routing
        • Configure Multicast
        • Create a WAN Multicast Configuration Profile
        • Assign WAN Multicast Configuration Profiles to Branch Sites
        • Configure a Multicast Source at a Branch Site
        • Configure Global Multicast Parameters
        • Configure a Multicast Static Rendezvous Point (RP)
        • Learn Rendezvous Points (RPs) Dynamically
        • View LAN Statistics for Multicast
        • View WAN Statistics for Multicast
        • View IGMP Membership
        • View the Multicast Route Table
        • View Multicast Flow Statistics
    • Prisma SD-WAN Stacked Policies
      • Migrate Original Policy Sets to Stacked Policy Sets
      • Simple Path and QoS Stacks
        • Add Simple Path or QoS Stacks
      • Advanced Path and QoS Stacks
        • Add Advanced Path or QoS Stacks
        • Add QoS Policy Sets
        • Add QoS Policy Rules
      • Add a Path Policy Set
      • Add a Path Policy Rule
        • L3 Failure Paths
        • Minimize Metered LTE Usage
      • Bind Path or QoS Stacks to Sites
      • Custom Applications and System Application Overrides
        • Configure Custom Applications
        • Configure System Application Overrides
      • Service and Data Center Groups
        • Add a Standard VPN Endpoint
        • Add Groups
        • Add Domains
        • Bind Domain to Sites
        • Use Prisma SD-WAN Data Center Endpoints
        • Use Service Endpoint Groups in Policies
      • Configure Network Contexts
        • Attach Network Contexts to LANs
      • Configure Circuit Capacities
      • Configure DSCP
      • Prefixes
        • Configure Global Prefixes
        • Configure Local Prefixes
      • Configure Syslog Profiles
    • Prisma SD-WAN Stacked Security Policies
      • Add a Security Policy Stack
      • Add Stacked Security Policy Sets
      • Add a Stacked Security Policy Rule
      • Add a Security Policy Set to a Security Stack
      • Bind Security Stacks to Sites
      • Add Security Zones for Stacked Security Policies
      • Bind Security Zones to Sites and Devices
        • Bind Security Zones to Sites
        • Bind Security Zones to Interfaces
      • Configure Security Prefixes
        • Attach Local Security Prefixes to Sites
      • Monitor Security Policy Rules
      • Security Policy Migration
    • Prisma SD-WAN Security Policies
      • Prisma SD-WAN Security Architecture
      • Prisma SD-WAN ZBFW
      • ZBFW Contructs
        • ZBFW Application
        • ZBFW Prefix Filters
        • ZBFW Zones
        • Security Policy Sets
        • Security Policy Rules
        • Actions
      • Configure Security Policies
        • Create Zones
        • Bind Zones to Sites and Devices
          • Bind Zones to Sites
          • Bind Zones to Devices
        • Create Prefix Filters
        • Create a Security Policy Set
        • Create Security Policy Rules
        • Bind a Security Policy Set to a Site
      • Modify and Delete Policy Rules and Sets
        • Change Security Rule Order
        • Manage Existing Security Policy Rules
        • Edit a Security Policy Set
        • Clone a Security Policy Set
        • Delete a Security Policy Set
    • Prisma SD-WAN NAT Policies
      • Add a NAT Stack
      • Add NAT Policy Sets
      • Add a NAT Policy Rule
      • Add a NAT Policy Set to a NAT Stack
      • Bind NAT Stacks to Sites
      • Configure NAT Zones
      • Bind NAT Zones to Interfaces
      • Configure NAT Pools
      • Bind NAT Pools to Interfaces
      • Configure NAT Prefixes
      • Use Cases
        • Default Source NAT
        • Destination NAT
        • Static NAT
        • ALG Disable
    • Prisma SD-WAN Event Policies
      • Event Policy Constructs
      • Event Policy Framework—Use Cases
      • Create a New Event Policy Set
      • Create New Event Policy Rule
    • Prisma SD-WAN Branch High Availability
      • Prisma SD-WAN Branch HA Key Concepts
      • Configure Branch HA
      • Configure HA Groups
      • Add ION Devices to HA Groups
      • View Device Configuration of HA Groups
      • Edit HA Groups and Group Membership
      • Branch HA with Internet, MPLS, and a Layer 3 LAN Switch-Topology 1
        • Configure Branch HA with Internet, MPLS, and a Layer 3 LAN Switch Topology-1
        • Branch HA with a Firewall on Internet, MPLS, and a Layer 3 LAN Switch
        • Branch HA with a Next-Generation Firewall on Internet, MPLS, and a Layer 3 LAN Switch
      • Branch HA with Internet, MPLS, and a Layer 2 LAN Switch-Topology 2
        • Configure Branch HA with Internet, MPLS, Layer 2 LAN Switch Topology-2
        • Configure Branch HA with a Firewall on Internet, MPLS, and a Layer 2 LAN Switch
      • Branch HA with Dual Internet and a Layer 3 LAN Switch-Topology 3
        • Configure Topology 3
        • Branch HA with Dual Internet and Next Gen Firewalls
      • Branch HA with Dual Internet and a Layer 2 LAN Switch-Topology 4
        • Configure Topology 4
      • Branch HA for ION Devices without Bypass Pairs
        • Configure Branch HA for ION Devices without Bypass Pairs
      • ION 1000 HA Topology
    • Prisma SD-WAN Application Visibility and Reporting
      • Get Started
        • Quick Filters
        • Activity Charts
      • Network Tab
        • View Network Tab
        • Network Activity Charts
          • Bandwidth Utilization
          • Transaction Stats
          • App Health
          • App Response Time
          • New Flows
          • Concurrent Flows
      • Media Tab
        • View Media Tab
        • Media Charts
      • Link Quality
        • View Link Quality Tab
        • Configure Private WAN Underlay Link Quality Aggregation
        • Configure Internet Circuit Underlay Link Aggregation
      • Flows Tab
        • View Flows Tab
        • Flows Chart
        • Flow Detail
        • Flow Decision Bitmap
        • Flow Decision Data
      • Routing Tab
        • View Routing Tab
      • System Tab
        • View System Tab
      • Cellular Tab
        • View Cellular Tab
        • Cellular Charts
      • Prisma SD-WAN Clarity Reports
        • WAN Clarity Branch Reports
        • WAN Clarity Data Center Reports
    • Prisma SD-WAN Alerts and Alarms
      • Alerts and Alarms
        • Filter Alerts and Alarms
        • Event Correlation of Alarms
      • Monitor Alarms
        • Acknowledge Alarms
        • Synchronize Alarms
      • Alert and Alarm Event Categories
        • Hardware and Software Issues
        • Device Related Issues
        • BGP Peering Issues
        • Site Level Issues
        • Secure Fabric Link Issues
        • Service Endpoint Level Issues
        • Logical Interface Level Issues
      • Alert and Alarm Event Codes
        • API Changes for Network Secure Fabric Link Event Codes
      • Troubleshoot Alarms
      • Correlate Alarms with SNMP Traps
    • Prisma SD-WAN Device and Tenant Management
      • Multi-Tenancy
        • Prisma SD-WAN MSP Dashboard
        • Monitor Tenant Devices
        • Monitor Tenant Branches
        • Monitor Tenant Alarms
        • Access Child Tenants
        • Device Lifecycle
        • Tenant Types
      • MSP Account Roles and Permissions
        • Add a User Role in the Child Tenant
      • Manage Devices for Client Tenants
      • Manage System Administration in the MSP Portal

    Document:Prisma SD-WAN Administrator’s Guide


    Assign the ION Device

    Download PDF
    Last Updated:
    Tue Mar 07 18:27:06 UTC 2023

    Table of Contents


    Filter icon
    Filter
    Get Started with Prisma SD-WAN
    Prisma SD-WAN Key Elements
    Deployment Modes
    Activate and Launch Prisma SD-WAN
    Prisma SD-WAN Web Interface—At a Glance
    Prisma SD-WAN Summary
    Site Summary Dashboard
    Prisma SD-WAN Predictive Analytics Dashboard
    Prisma SD-WAN Applications Dashboard
    Prisma SD-WAN Link Quality
    Prisma SD-WAN Sites and Devices
    Set Up Sites
    Configure Circuits
    Configure Circuit Categories
    Configure Device Initiated Connections for Circuits
    Add a Branch
    Add a Data Center
    Manage Data Center Clusters
    Configure a Site Prefix
    Configure a DHCP Server
    Configure NTP for Prisma SD-WAN
    Set Up Devices
    Connect the ION Device
    Claim the ION Device
    Assign the ION Device
    Return Device to MSP
    Configure Device Access One-Time Password
    Configure the ION Device at a Branch Site
    Configure the ION Device at a Data Center
    Switch a Site to Control Mode
    Allow IP Addresses in Firewall Configuration
    Configure Layer 2 Switch Ports
    Add a VLAN or Switch Virtual Interface (SVI)
    Configure VLAN on Switch Ports
    Edit Switch Configurations
    Monitor Switch Activity and Statistics
    Prisma SD-WAN Ports and Interfaces
    Configure a Controller Port
    Configure Internet Ports
    Configure WAN/LAN Ports
    Configure Cellular Modules
    Configure Cellular Interfaces
    Create a Customized APN Profile
    Modify Cellular SIM Settings
    Manage SIM Operations
    Customize Cellular Firmware
    Configure a Sub-Interface
    Configure a Loopback Interface
    Virtual Interface
    Deployment Topologies of Virtual Interface
    Add and Configure a Virtual Interface
    Prisma SD-WAN Standard VPN
    Create an IPsec Profile
    Configure Generic Routing Encapsulation (GRE) Tunnels
    Bypass Pair
    Configure a Bypass Pair
    Configure LAN State Propagation
    Configure a PoE Port
    Configure Interface level PoE Ports
    Configure System Level PoE Ports
    Monitor PoE Activity and Stats
    Configure LLDP
    Monitor LLDP Activity and Status
    Configure a PPPoE Interface
    Configure a Layer 3 LAN Interface
    Configure Application Reachability Probes
    Configure a Secondary IP Address
    Configure a Static ARP
    Configure a DHCP Relay
    Configure IP Directed Broadcast
    VPN Keep-Alives
    Configure VPN Keep-Alives for Circuit Categories
    Configure VPN Keep-Alives for Circuits
    Configure VPN Keep-Alives for Secure Fabric Links
    Use External Services for Monitoring
    Prisma SD-WAN IP Flow Information Export (IPFIX) Protocol
    Configure IPFIX
    Configure IPFIX Profiles
    Configure IPFIX Templates
    Configure Collector Contexts
    Configure Filter Contexts
    Configure Global IPFIX Prefixes
    Configure Local IPFIX Prefixes
    Attach an IPFIX Profile to an ION Device
    Attach a Collector Context to a Device Interface
    Attach a Filter Context to a Device Interface
    Configure High Availability (HA) for IPFIX
    Flow Information Elements
    Options Information Elements
    Configure DNS on Prisma SD-WAN
    DNS Service
    Configure the DNS Service on the Prisma SD-WAN Interface
    Configure DNS Roles
    Configure DNS Profiles
    Configure DNS Service on the ION Device
    Prisma SD-WAN DNS Use Cases
    DNS Survivability
    Configure System for DNS Survivability
    Syslog Server Support in Prisma SD-WAN
    Syslog Flow Export
    Logs Based on Severity Levels
    Configure Syslog Server Support
    Configure SNMP
    Returned Merchandise Authorization (RMA)
    RMA Wizard
    Replace a Prisma SD-WAN ION Device
    Return the ION Device to Prisma SD-WAN
    Upgrade ION Device Software
    Schedule Software Upgrade
    View Device Software Upgrade Status
    Prisma SD-WAN Administrator Authorization and Authentication
    Role Based Access Control
    System Roles
    Add a New User on Prisma SD-WAN
    Custom Roles
    Create Custom Roles
    Assign System or Custom Role
    Add a Device User on Prisma SD-WAN
    Add Device Access to User on Prisma SD-WAN
    Single Sign On Access using SAML
    Request SAML Access
    Exchange SAML Metadata
    Configure SAML Users and Groups
    Map Roles and Permissions
    Enable SAML Access to End Users
    SAML Setup Errors
    Client Authentication using 802.1x/MAC Authentication
    Add the RADIUS Server
    Supported RADIUS Attribute Value Pairs (AVPs)
    Monitor RADIUS Server Stats and Activity
    Audit Logs
    Work with Audit Logs
    Prisma SD-WAN Branch and Data Center Routing
    Prisma SD-WAN Branch Routing
    Prisma SD-WAN Data Center Routing
    Configure a Static Route
    Configure NextHop Reachability Probe
    Configure Dynamic Routing
    Enable BGP for Private WAN and LAN
    Configure BGP Global Parameters
    Global or Local Scope for BGP Peers
    Configure a BGP Peer
    Configure a Route Map
    Configure a Prefix List
    Configure an AS Path List
    Configure an IP Community List
    View Routing Status and Statistics
    Prisma SD-WAN Multicast Routing