Onboard a Non-ECMP Site
Table of Contents
Onboard a Non-ECMP Site
4.0.0 PIC
Once the CloudBlade is configured, you can integrate Prisma SD-WAN and Palo Alto
Prisma Access for Networks. The most basic onboarding for the CloudBlade can be done
in two simple steps:
- Configure circuit categories.
- Navigate to
- From the list of Circuit Categories displayed,
select the ellipsis for the category that you would like to
modify.
![]()
- Under TAGS, apply the
prisma_region:<region>:<SPN> tag to
enable the circuit category for Prisma Access.
![]()
- Once applied, the circuit category will reflect that it is
enabled/tagged for Prisma Access.
![]()
- Repeat this set of steps to enable Prisma Access on the appropriate circuits.
- Configure site tag(s).
- Locate a site to onboard to Prisma Access by navigating to or .
- Select a site to modify and on the site summary screen, click the
Edit icon.
![]()
- On the Edit Site screen, select or type
prisma_access in the
Tags field.
![]()
Once this configuration is completed, on the next integration run, the CloudBlade will begin the onboarding process to connect the Prisma SD-WAN ION device and Prisma Access. This process takes place through one or more IPSec tunnels, depending on how many interfaces and tags are configured. Note that it may take several integration cycles for all the tunnels to appear and be active on the Prisma SD-WAN portal.
