Configure internal IP addresses and DNS suffixes

You can configure the internal IP addresses and DNS suffixes that you want end users to access while they are protected by ETP. This includes networks that are set up with ETP Client, DNS Forwarder, and ETP Proxy. These conditions apply:
  • If DNS suffixes are configured in ETP, the client does not check the threat status of domains with these suffixes because they are internal to the corporate network.
  • If internal IPv4 or IPv6 addresses are configured, these IP addresses are preferred over public IP addresses. For example, this applies if both internal and public IP addresses are returned by DNS servers in a split DNS network topology.

Options are also available for you to add the IP ranges or blocks that are reserved on the Internet for private or internal networks as defined by RFC 1918 and RFC 4193.

  • If a super administrator selects to add RFC 1918 IP addresses, these IPv4 ranges are added: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.
  • If a super administrator selects to add RFC 4193 IP addresses, the IPv6 block FC00::/7 is added.

How to

  1. In the navigation menu, select Configuration > Utilities. Click the Network Configuration tab.
    Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Locations > Network Configuration.
  2. For ETP Client:
    1. In the navigation menu, select Configuration > Utilities. Click the ETP Client tab.
      Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Clients & Connectors > ETP Clients.
    2. Click the Configuration tab.
    3. In the Corporate Network area, click the Edit icon. You are directed to the Network Configuration tab.
  3. In the IPv4 field, enter valid IPv4 addresses. To add IP addresses ranges that are reserved for private networks as defined by RFC 1918, click Add RFC 1918 IPs.
  4. In the IPv6 field, enter valid IPv6 addresses. To add the address block that is reserved for private IPv6 networks as defined by RFC 4193, click Add RFC 4193 IPs.
  5. In the DNS suffixes field, enter domains or the internal DNS suffixes for domains that you want to allow end users to access.
  6. Click Save.