Add Internal Network Resources

An Internal Network resource represents a private address space of IP addresses. Internal networks are managed by your organization and are non-routable or RFC1918 compliant. You must configure an Internal Network resource with either a Cisco Secure Access Site, Registered Network, or Network Tunnel Group. The associated Site, Networks, or Network tunnel groups forward DNS traffic from devices on your organization's internal network to Secure Access.

To start protecting an internal network, add an Internal Network resource to Secure Access. Once added, you can apply an existing policy rule to the internal network resource or add a new rule to protect the resource. Build rules to extend Secure Access's protection to any device that connects to the internet from behind the internal network. For more information about Secure Access policy rules, see Manage the Access Policy.

In Secure Access, all traffic originating from the IP of the site, network, or network tunnel group resource is identified as coming from the Internal Network. The private IP space or IP range defines the scope of the resource. The traffic sent from user devices on your organization's Internal Network is visible in the Secure Access Activity Search report.

Table of Contents

• Prerequisites
• Procedure

Prerequisites

• Full Admin user role. For more information, see Manage Accounts.

Add Resources to Associate with Internal Networks

• Site—For more information, see Manage Sites.
• Registered Network—For more information, see Manage Registered Networks.
• Network Tunnel Group—For more information, see Manage Network Tunnel Groups.

Procedure

1. Navigate to Resources > Internal Networks and click Add.

2. For Name, enter a descriptive name for the internal network.

   
   

3. For IPv4 Address, enter an IPv4 address and choose a range.

   

4. For Internal Network Association, choose Site, Network, or Network Tunnel Group.
   a. Expand Sites, and then select the Site to associate with the Internal Network.

b. Expand Networks, and then select the Network resources to associate with the Internal Network resource.

c. Expand Network Tunnel Group, and then select the Network Tunnel Groups to associate with the Internal Network resource.

5. (Optional) Check This network has an IPv6 address, enter an IPv6 address, and choose a range.

   

6. Click Save.

Manage Internal Networks < Add Internal Network Resources > Update an Internal Network