Onboard a Non-ECMP Site
Table of Contents
4.0.0 Panorama Managed
Expand all | Collapse all
-
- QoS CIR Support For Aggregate Bandwidth
- Prisma Access for Networks Non-Aggregate Bandwidth Licensing
- IPSec Termination Nodes in Prisma
- IPSec Termination Node Logic (Panorama Managed)
- Determine Region Bandwidth Utilization
- Determine IPSec Termination Nodes Method #1
- Determine IPSec Termination Nodes Method #2
- IPSec Termination Node Conventions and Tag Nomenclature
-
- Onboard an ECMP Site
- Additional ECMP Settings
- Onboard a Non-ECMP Site
- Set Additional Information Tag
- Configure BGP
- Assign Interface-Level Tags for Non-ECMP Sites
- Customize Prisma Access Objects Names using CloudBlade Tag
- Prisma Access for Networks Region List
- Prisma Access CloudBlade Tag Information
- Edit Application Policy Network Rules
- Understand Service and Data Center Groups
- Verify Standard VPN Endpoints
- Configure Standard Groups
- Assign Domains to Sites
- Use Groups in Network Policy Rules
- Enable, Pause, Disable, and Uninstall the Integration
-
- Monitor the Prisma Access for Networks (Panorama managed) CloudBlade
- Understand Prisma SD-WAN and Prisma Access Integration
- Correlate Objects between Prisma SD-WAN and Panorama
- View Standard VPNs at a Site Level
- View Alerts and Alarms
- View Activity Charts
- Use the Device Toolkit
- Check Tunnel Status on Panorama
Onboard a Non-ECMP Site
4.0.0 PIC
Once the CloudBlade is configured, you can integrate
Prisma SD-WAN
and Palo Alto
Prisma Access
for Networks. The most basic onboarding for the CloudBlade can be done
in two simple steps:- Configure circuit categories.
- Navigate toManageResourcesCircuit Categories
- From the list ofCircuit Categoriesdisplayed, select the ellipsis for the category that you would like to modify.
- UnderTAGS, apply theprisma_region:<region>:<SPN>tag to enable the circuit category forPrisma Access.
- Once applied, the circuit category will reflect that it is enabled/tagged forPrisma Access.
- Repeat this set of steps to enablePrisma Accesson the appropriate circuits.
- Configure site tag(s).
- Locate a site to onboard toPrisma Accessby navigating toorMapTopology.MapSites
- Select a site to modify and on the site summary screen, click theEditicon.
- On theEdit Sitescreen, select or typeprisma_accessin theTagsfield.Once this configuration is completed, on the next integration run, the CloudBlade will begin the onboarding process to connect thePrisma SD-WANION device andPrisma Access. This process takes place through one or more IPSec tunnels, depending on how many interfaces and tags are configured. Note that it may take several integration cycles for all the tunnels to appear and be active on the Prisma SD-WAN portal.