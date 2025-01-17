Note Not recommended for new deployments. We recommend using a self-hosted application to secure a private IP address.

You can configure a Private Network application to manage access to specific applications on your private network.

To create a private network application:

In Zero Trust ↗, go to Access > Applications > Add an application. Select Private Network. Name your application. For Application type, select Destination IP. For Value, enter the IP address for your application (for example, 10.128.0.7 ). Note If you would like to create a policy for an IP/CIDR range instead of a specific IP address, you can build a Gateway Network policy using the Destination IP selector. Configure your App Launcher visibility and logo. Select Next. You will see two auto-generated Gateway Network policies: one that allows access to the destination IP and another that blocks access. Modify the policies to include additional identity-based conditions. For example: Policy 1 Selector Operator Value Logic Action Destination IP in 10.128.0.7 And Allow User Email matches regex .*@example.com

Policy 2 Selector Operator Value Action Destination IP in 10.128.0.7 Block Policies are evaluated in numerical order, so a user with an email ending in @example.com will be able to access 10.128.0.7 while all others will be blocked. For more information on building network policies, refer to our dedicated documentation. Select Add application.

Your application will appear on the Applications page.