Configure internal IP addresses, DNS suffixes, and email domains

Use the Network Configuration tab to configure the internal IP addresses and DNS suffixes that you want end users to access while they are protected by ETP. This includes networks that are set up with ETP Client, DNS Forwarder, and ETP Proxy.

These conditions apply when defining IP addresses and DNS suffixes:

  • If DNS suffixes are configured in ETP, the client does not check the threat status of domains with these suffixes because they are internal to the corporate network.
  • If internal IPv4 or IPv6 addresses are configured, these IP addresses are preferred over public IP addresses. For example, this applies if both internal and public IP addresses are returned by DNS servers in a split DNS network topology.

Options are also available for you to add the IP ranges or blocks that are reserved on the Internet for private or internal networks as defined by RFC 1918 and RFC 4193.

  • If a super administrator selects to add RFC 1918 IP addresses, these IPv4 ranges are added: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.
  • If a super administrator selects to add RFC 4193 IP addresses, the IPv6 block FC00::/7 is added.

You can also specify your corporate email domains. These domains are used to authorize users in your organization who will receive an email invitation for ETP Client activation. Make sure you do not provide the domain of a public email provider such as Gmail.

How to

  1. In the Enterprise Center navigation menu, select Locations > Network Configuration.
  2. For ETP Client:
    1. In the Enterprise Center navigation menu, select Clients & Connectors > ETP Clients.
    2. Click the Configuration tab.
    3. In the Corporate Network area, click the Edit icon. You are directed to the Network Configuration tab.
  3. In the IPv4 field, enter valid IPv4 addresses. To add IP addresses ranges that are reserved for private networks as defined by RFC 1918, click Add RFC 1918 IPs.
  4. In the IPv6 field, enter valid IPv6 addresses. To add the address block that is reserved for private IPv6 networks as defined by RFC 4193, click Add RFC 4193 IPs.
  5. In the DNS suffixes field, enter domains or the internal DNS suffixes for domains that you want to allow end users to access.
  6. In the Corporate Email Domains, enter the corporate domains used for email. Make sure you provide domains that are used by authorized users only. Do not enter public domains that are accessible to unauthorized users.
  7. Click Save.