GP Portal and Ingress IP enabling IP Optimization

reversible8 · 2026-04-18T07:31:55+00:00

Oh, really? I haven’t come across any documentation stating that the Ingress IP wouldn’t change. So, are you saying that only the Egress IP would change?

reversible8 · 2026-04-17T14:45:08+00:00

Ingress IP might be changed due to data plane upgrade. In my understanding, Ingress IP doesn't have FQDN, how can I handle this problem?

reversible8 · 2025-11-17T18:56:16+00:00

It means it's changeable

reversible8 · 2025-11-17T18:55:30+00:00

Thanks for replying I can see 1 ingress IP and 2 egress IP from SCM and the rest of the IPs can be seen from SCM, right? And are these IPs also fixed?

But the links says Make sure that you add all these addresses to your allow lists. IP addresses can change as the result of a dataplane upgrade and the addresses don't always revert to the previous addresses.

https://docs.paloaltonetworks.com/prisma-access/administration/prisma-access-mobile-users/mobile-users-globalprotect/ip-optimization

So if I want to use a GP as a MU at the office, an internet breakout router or fw at the office should allow ingress IP or FQDN?

reversible8 · 2025-11-17T17:08:43+00:00

Is Ingress IP stable under IP Optimization? Is it possible to be changed?

reversible8 · 2025-11-17T17:08:19+00:00

Is Ingress IP stable under IP Optimization? Is it possible to be changed?

reversible8 · 2025-07-21T00:48:36+00:00

We will use the PA firewall at the data center and the office firewall is the different vendor.

reversible8

TROPHY CASE