Focus

Prisma SD-WAN

Verify Standard VPN Endpoints

Table of Contents

Filter

Expand All | Collapse All

Prisma SD-WAN Docs

Administration
Deployment
Incidents & Alerts
CloudBlades
Version
- AWS Transit Gateway
- Azure vWAN
- Azure vWAN with vION
- ChatBot for MS Teams
- ChatBot for Slack
- CloudBlades Integration with Prisma Access
- GCP NCC
- Service Now
- Zoom QSS
- Zscaler Internet Access
Reference
Release Notes
Version
- ION 5.2
- ION 5.3
- ION 5.4
- ION 5.5
- ION 5.6
- ION 6.0
- ION 6.1
- ION 6.2
- ION 6.3
- ION 6.4
- New Features Guide
- On-Premises Controller
- Prisma Access CloudBlade Cloud Managed
- Prisma Access CloudBlade Panorama Managed
- Prisma SD-WAN CloudBlades

Understand Service and Data Center Groups

Use Groups in Network Policy Rules

Verify Standard VPN Endpoints

Learn how to verify standard VPN endpoints, configure standard groups, and assign domains to sites.

Where Can I Use This?	What Do I Need?
Prisma Access CloudBlade (Panorama Managed). Prisma Access CloudBlade (Cloud Managed).	Prisma SD-WAN License. Prisma Access for Networks Subscription. Supported Cloud plugin Versions. Prisma Access CloudBlade (Cloud Managed) version 3.x.x and later. Prisma Access CloudBlade (Panorama Managed) versions 3.x.x and 4.x.x.

With the Prisma Access for Networks Integration (Panorama managed) CloudBlade, standard endpoints for all Prisma Access regions will be created automatically. In addition, each of the endpoints will be configured with a Liveliness probe to the Prisma Access firewall monitor address. The monitor will run an ICMP check every 10 seconds and mark the tunnel as failed after three (3) consecutive failures. The only action required will be to add these endpoints to Groups and Domains.

Configure Standard Groups

With the Prisma Access for Networks Integration (managed by Panorama) CloudBlade installed, three default standard groups will automatically be created:

Prisma Access: Active
Prisma Access: Backup
Prisma Access: All Regions

The only action required will be to add the appropriate Prisma Access Region endpoints to these Groups and Any Domains (as needed).

If you are a new user, the only default standard group created is Prisma Access: All Regions.

Go to ManagePrisma SD-WANResourcesService & DC Groups.
Select Add Domain, provide a Domain Name, and click Add.
Next, map the service endpoints to the appropriate Prisma Access: Active and Prisma Access: Backup groups in each domain.

If more than one endpoint is part of a group, they will be considered equal in network policy path selection.
Finally, proceed to binding domains to sites.

Assign Domains to Sites

Binding a domain is essentially mapping a site to a domain, enabling access to all the endpoints within groups or domain. Different domains can be mapped to different sites, but only one domain can be mapped per site.

Go to WorkflowsPrisma SD-WAN SetupBranch Sites.
From the Domain drop-down for a site, select the appropriate domain.

Understand Service and Data Center Groups

Use Groups in Network Policy Rules

Prisma SD-WAN Docs

Verify Standard VPN Endpoints

Prisma SD-WAN Docs

Verify Standard VPN Endpoints

Configure Standard Groups

Assign Domains to Sites

Activation & Onboarding

SASE

Visibility & Monitoring

Hardware Reference

Hardware Quick Start Guides

Virtual ION Deployment

Prisma SD-WAN Integration

Prisma SD-WAN Experts Corner

Best Practices