Prisma Access
Private IP Address Visibility and Enforcement for Agent Based Proxy Traffic
Table of Contents
Private IP Address Visibility and Enforcement for Agent Based Proxy Traffic
Learn how to enable private IP address visibility and enforcement for GlobalProtect
proxy mode and GlobalProtect tunnel and proxy mode.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
|
Users who connect to Prisma Access Explicit Proxy through GlobalProtect agent
from branches, can leverage Private IP addresses of endpoints for logging or to apply IP
address based enforcement.
Private IP Address Visibility and Enforcement for Agent Based Proxy Traffic (Strata Cloud Manager)
Configure private IP address visibility in GlobalProtect Proxy mode.
- Enable the Agent-based Proxy functionality (Proxy mode or Tunnel and Proxy mode) for mobile users.Navigate to , and click the settings icon. Under Trusted Source Address, add the branch egress IP address.
![]()
Navigate to . Under Proxy URL Settings, enable Enable Source IP based visibility and enforcement, and click Save.![]()
(Optional) Configure the security rules with the source IP address of the endpoint.Push Config to Explicit Proxy.Private IP Address Visibility and Enforcement for Agent Based Proxy Traffic (Panorama)
Configure the private IP visibility and enforcement for GlobalProtect in Proxy mode for panorama.- Enable the Agent-based Proxy functionality (Proxy mode and Tunnel and Proxy mode) for mobile users.Navigate to and add the branch egress IP address under Known Source IP Address.
![]()
Navigate to . Under Agent, enable Enable Source IP based Visibility and Enforcement from Sites, and click OK.![]()
(Optional) Configure the security rules with the source IP address of the endpoint.Commit and push to the Explicit_Proxy_Device_Group.
