Creating Network based Application

What is a Network based application?
Put simply, it works like a traditional agent-based VPN, but scoped to specific networks or IPs and to specific protocols and ports.


To create a Network based application, you need an admin user, which is required for configuring your environment, including adding applications. Please check the KB articles below about Admin access:

 

  1. Log in to https://portal.safous.com
  2. Go to the Settings tab > ZTNA
  3. In Application, choose Networks
  4. Click New Network; this expands a form with several fields to fill in for the new network

    1. Fill in the Name, which is a required field and must be unique among applications
    2. Fill in the CIDR information, one CIDR per line if you want to define multiple CIDRs
    3. Selecting a Site is optional, as you can leave it set to "all", but for a multisite deployment it's recommended to choose the correct site based on the application location
    4. The TCP Ports value only allows numbers, spaces, commas, and hyphens, like '80, 443, 1-65534'. Port numbers must be between 1 and 65535
    5. As with TCP Ports, the UDP Ports value only allows numbers, spaces, commas, and hyphens, like '80, 443, 1-65534'. Port numbers must be between 1 and 65535
  5. Once every field has been filled in and selected, click "Save"
  6. A success notification will then be shown
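
The field rules in steps 4.2, 4.4 and 4.5 can be checked before a definition is entered in the portal. The following Python pre-check is an added example, not Safous code: the function names are hypothetical, it assumes port entries are comma-separated with spaces used only as padding and that CIDRs must not have host bits set, and the two breadth thresholds are arbitrary review values rather than portal limits.

```python
import ipaddress
import re

ALLOWED = re.compile(r"[0-9 ,\-]*")            # characters the form accepts
ENTRY = re.compile(r"(\d+)(?:\s*-\s*(\d+))?")  # "80" or "1-65534"

def parse_ports(spec):
    """Return [(low, high), ...] for a TCP/UDP Ports value, or raise ValueError."""
    if not ALLOWED.fullmatch(spec):
        raise ValueError("only numbers, spaces, commas and hyphens are allowed")
    ranges = []
    for entry in (e.strip() for e in spec.split(",")):
        if not entry:
            continue  # tolerate a trailing comma or an empty field
        m = ENTRY.fullmatch(entry)
        if not m:
            raise ValueError(f"malformed entry: {entry!r}")
        low = int(m.group(1))
        high = int(m.group(2) or m.group(1))
        if not (1 <= low <= high <= 65535):
            raise ValueError(f"port out of range 1-65535 or reversed: {entry!r}")
        ranges.append((low, high))
    return ranges

def parse_cidrs(text):
    """Return one ip_network per non-empty line of the CIDR field."""
    # strict=True rejects host bits (e.g. 10.0.0.5/24); assumption, the portal may accept them
    return [ipaddress.ip_network(line.strip(), strict=True)
            for line in text.splitlines() if line.strip()]

def review(cidrs_text, tcp="", udp="", max_ports=1024, min_prefix=16):
    """Validate the fields and return warnings about overly broad scope.
    max_ports and min_prefix are arbitrary review thresholds, not portal limits."""
    warnings = []
    for net in parse_cidrs(cidrs_text):
        if net.version == 4 and net.prefixlen < min_prefix:
            warnings.append(f"{net} is wider than /{min_prefix}")
    for proto, spec in (("TCP", tcp), ("UDP", udp)):
        for low, high in parse_ports(spec):
            if high - low + 1 > max_ports:
                warnings.append(f"{proto} {low}-{high} exposes {high - low + 1} ports")
    return warnings

# Constructed sample definition, reusing the page's own port example
if __name__ == "__main__":
    for w in review("10.20.0.0/24\n10.0.0.0/8", tcp="80, 443, 1-65534", udp="53"):
        print(w)
```

A definition that passes syntax checks can still be far broader than the application needs; the page's own example value '1-65534' is valid input but opens almost every port on the listed CIDRs.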

 

To access the Network application that you created, you need to ensure the following:

  • The user has already been created by the admin, please refer to here
  • The user has already enrolled in MFA and can log in properly, please refer to here
  • The admin has already created a policy mapping for app and user authorization, refer to here
  • Your favorite web browser is available to open the User Portal

Once you log in, click "Download Agent".

Once clicked, a pop-up shows the agent options available for download. For general information about the agent, please check here

Once the agent has connected successfully to your ZTNA environment, you can verify the connection to the network using standard networking tools such as ping or telnet.