About Network Routes and IP Services
Network IP Services define resources accessible through a Network via explicit IP address subnets. Additionally, access can be restricted to specific application protocols and also used in Access Groups to control who can access that service. Besides, IP Services configuration serves as an implicit route definition for a Network. Network Routes can also be explicitly configured depending on settings. The set of IP addresses that is configured as IP Services or Routes for one Network cannot be used as IP Services or Routes for another Network.
Network IP Services define resources accessible through a Network via explicit IP address subnets. Additionally, access can be restricted to specific application protocols and also used in Access Groups to control who can access that service. Besides, IP Services configuration serves as an implicit route definition for a Network. See Enable configuring routes for networks. The set of IP addresses that is configured as IP Services or Routes for one Network cannot be used as IP Services or Routes for another Network.
If a Network will provide access to any applications using IP addresses instead of domain names, you must add IP Services. CloudConnexa will push the appropriate IP subnets to the routing table of clients, depending on which IP Services they are authorized to access.
Note
Note
It is recommended to configure Applications and use Application Domain-Based Routing as much as possible.
You would want to configure IP Services to:
Create an implicit IP subnet route for the network.
Designate an IP subnet as a source of traffic to be used later in Access Groups.
Restrict the protocols that will be used to access the service.
Define who can access the IP service using Access Groups.
Easily identify the traffic destined to the IP service by using a named IP Service when viewing statistics in Access Visibility.
Note
For a Network that is not acting as an Internet Gateway, either an Application or an IP Service must be added.
Consider this example of Route and IP Services use:
Here is an example: You want to connect a private network with a subnet address of 192.168.0.0/28 to CloudConnexa to make a private web server and a FTP server accessible by its IP addresses to all users. You represent the private network by configuring a Network and connecting it to CloudConnexa by using Network Connectors. You then add an IP Service named webapp, allowing only HTTPS for the server IP address of 192.168.0.10/32. Next, add another IP service named fileapp, allowing only FTP for the server IP address of 192.168.0.12/32. By configuring these IP Services, implicit routes for the network are created. CloudConnexa is now configured to route traffic destined for 192.168.0.10/32 and 192.168.0.12/32 to this network and will push these IP addresses as routes for the TUN VPN interface to any connected OpenVPN client that requires access to these IP Services. To explicitly configure a Route for the Network that encompasses the complete subnet range of 192.168.0.0/28, enable Route Configuration in the settings. See Enable configuring routes for networks. Once a Route is created, CloudConnexa will push 192.168.0.0/28 as a route for the TUN VPN interface to a connected OpenVPN client instead of 192.168.0.10/32 and 192.168.0.12/32.
Now, you configure an Access Group that allows access to manage, fileapp, and webapp to the User Group with all the IT department members as its Users and another one to provide access to webapp and fileapp for all other User Groups.
With the above configuration, all users can use only HTTPS and access https://192.168.0.10
, use FTP and access ftp://192.168.0.12
while the IT department can also use ssh user@192.168.0.10
and ssh user@192.168.0.12
.