Learn how to use Prisma Access Explicit Proxy with third-party
VPNs.
To use third-party VPNs with Explicit Proxy,
you have be able to make the following changes in your network:
You must configure your third-party VPN to perform split
tunneling to direct internet traffic to Explicit Proxy.
For
any assistance with configuring your third-party VPN, contact your
third-party VPN vendor.
modify the PAC file to have Explicit Proxy bypass any of
the following VPN components:
In
the following example, you configured the PAC file so that Explicit
Proxy bypasses internal resources using private IP addresses, as
well as authentication traffic flows.
++++++++++++++++
function FindProxyForURL(url, host) {
if (isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") ||
isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0"))
return "DIRECT";
/* Bypass SAML for AnyConnect Azure */
if (shExpMatch(host, "login.microsoftonline.com"))
return "DIRECT";
if (shExpMatch(host, "login.windows.net"))
return "DIRECT";
if (shExpMatch(host, "login.microsoft.com"))
return "DIRECT";
/* Forward to Prisma Access */
return "PROXY example.proxy.prismaaccess.com:8080";
}
