To authenticate users using MFA, SAML, or
Authentication Portal, we recommend mapping a hostname to the
Captive
Portal Redirect IP Address
in Prisma Access and associating
it with your internal DNS servers. If you choose to use Kerberos
single sign-on (SSO) with the authentication portal, the hostname
is required. Alternatively, you can use the
Captive Portal
Redirect IP Address
by itself to redirect users.