Communication with Secure Access Cloud
Provide the network address information for communicating with the private resource.
- For Internally reachable address, enter an IP address, FQDN, wildcard FQDN (in the format *.example.com), protocol, and port or port ranges.
- You do not have to provide an address that is publicly accessible from outside the network.
- If you will allow browser-based access to this resource by users who do not have the Cisco Secure Client installed on their devices, the protocol you select must include HTTP/HTTPS.
Use caution when adding addresses that duplicate or overlap with addresses in other configured private resources. If you will enable browser-based zero trust access using SSH or Remote Desktop (RDP) protocols, see Allow SSH and RDP Access to Private Resources.
- If you will decrypt traffic to this resource:
- In each address line, you can specify a single IP address (no address ranges) or CIDR block, or a comma-separated list of addresses or CIDR blocks, or an FQDN with or without wildcard. Add addresses and FQDNs as separate lines.
- If the address includes a wildcard FQDN, the wildcard must be the first character in the address string (*.example.com).
- Specify a single port or "Any" port; no comma-separated port numbers, no port ranges.
- If you need to decrypt traffic to multiple ports for the same address, click + Network IP or FQDN and add a separate address line for each port.
- Select a protocol that includes TCP and does not include UDP.
- Example configurations:
-
If you have entered a domain and Secure Access will route traffic to this resource using network tunnels:
-
Select an internal DNS server that can route traffic to the specified resource address.
-
To configure an internal DNS server, see Add DNS Servers.
-
