Add Internal Network Resources

An Internal Network resource represents a private address space of IP addresses. Internal networks are managed by your organization and are non-routable or RFC1918 compliant. You must configure an Internal Network resource with either a Network or Network Tunnel resource. The associated network or network tunnel forwards DNS traffic from devices on your organization's internal network to Secure Access.

To start protecting an internal network, add an Internal Network resource to Cisco Secure Access. Once added, you can apply an existing policy rule to the internal network resource or add a new policy rule to protect the resource. Build policy rules to extend Secure Access's protection to any device that connects to the internet from behind the internal network. For more information about Secure Access policy rules, see Manage the Access Policy.

In Secure Access, all traffic originating from that IP space is identified as coming from that internal network. The private IP space or IP range defines the scope of the resource. The traffic sent from user devices on your organization's internal network is visible in the Secure Access Activity Search report.

Table of Contents



  1. Navigate to Resources > Internal Networks and click Add.
  1. Give a descriptive internal network name for Name.
  1. Enter an IPv4 address and choose a range.
  2. Choose Network or Network Tunnel Group.

For Networks, select the Network to associate with the Internal Network resource.

For Network Tunnel Group, select the Network Tunnel Group to associate with the Internal Network resource.

  1. Click Save.

Manage Internal Networks < Add Internal Network Resources > Update an Internal Network