Access Your Data Center Using Explicit Proxy (Panorama)

1. Configure a service connection in Prisma Access.
2. Configure DNS settings.
3. Configure zone mappings.

   1. Select PanoramaCloud ServicesConfigurationMobile Users - Explicit ProxyZone Mapping
   2. Add the zones that you will use to access your data center resources to Trusted Zones.
4. Ensure that the Destination ZONE in policy rules for internet-bound traffic is set to an untrust zone instead of any.

   Failure to perform this step could result in unintended access to your data center.

   1. Select Policies.
   2. Set the Device Group to Explicit_Proxy_Device_Group.
   3. Change the Destination ZONE from any to one of the untrust zones you configured in an earlier step.
5. Enable private application access.

   1. Select PanoramaCloud ServicesConfigurationMobile Users - Explicit ProxySettings

      AdvancedEnable Private Application Access
6. Create security policy rules for the data center resources you want to access.

   1. Select Policies.
   2. Set the Device Group to Explicit_Proxy_Device_Group.
   3. Create security policy rules.

      In rules for data center access, ensure that you use the Trusted zones you configured in an earlier step.