Commit fails with validation error when configuring IP range 169.254.0.0/16 in Prisma Access

Commit fails with validation error when configuring IP range 169.254.0.0/16 in Prisma Access

2223
Created On 01/23/24 01:08 AM - Last Modified 01/24/25 03:34 AM


Symptom


The following error isĀ  seen when the IP address range 169.254.0.0/16 is configured under the Prisma Access settings like routing or tunnel monitoring.

The IP subnet configured for service-connection entry is in the IP address range (169.254.0.0/16) that is reserved for RFC 6598 and Automatic Private IP Addressing (APIPA). You must change the IP subnet to continue.


screenshot.png

Environment


  • Panorama managed Prisma Access
  • Commit

Cause


Prisma Access reserves these IP addresses and subnets for its internal use and so cannot be used by customers.

Resolution


  1. Use another IP address range to avoid the validation error.
  2. The IP addresses of 169.254.0.0/16 and 100.64.0.0/10 are used by Prisma Access infrastructure and must be avoided.
  3. Refer to this documentation.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000008WiZCAU&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail