Prisma Access Mobile users are unable to access resources via service connection or remote-networks (License Issues)
5289
Created On 02/08/22 03:48 AM - Last Modified 03/22/24 01:17 AM
Symptom
- Prisma Access is setup with either Mobile users & Remote Networks both or one of them along with service connection for private app access.
- The Mobile users were able to access the remote networks and private app access via service connection but have lost the ability to access resources over service connection.
- The Mobile users are still able to access internet without any issues.
- The Service connection tunnels are still up from the data center devices.
- The Remote network sites are are still able to access internet without any issues.
Environment
- Prisma Access
- Mobile users or Remote network
- Service connection
Cause
- Check the support.paloaltonetworks.com for your license type and if a recent license renewal has been done.
- Check the latest license guide for Prisma Access from document below.
- Depending on the license and deployment type, a separate add on license Net-Interconnect is needed.
- If a license renewal was done recently and the Net-Interconnect was not renewed, the connectivity from Mobile users/Remote networks to service connection is removed as expected.
Resolution
- Work with Palo Alto SE or sales contact to renew the licenses for Net-Interconnect.
- The SKU for reference would be PAN-PRISMA-ACCESS-NET-INTERCONCT.
Additional Information
- Net-Interconnect is also needed for communication between Mobile users and Remote networks.
- Contact Palo Alto Networks Support team for additional information and validation if the connectivity issue is due to License or something else.