Route Traffic With Domain Names, Not IP Addresses

Put an end to IP address-based routing with Application Domain-based Routing.

Intelligent Routing Using Memorable, Recognizable Domain Names

Routing traffic to your connected private networks and accessing resources using IP addresses can get complicated. Instead of providing IP address subnets as routes to your private networks, Application Domain-based Routing, a Cloud Connexa feature, lets you easily route traffic to applications distributed among your various connected private networks using the application’s domain name as a route to the network where that application resides.


Use domain names instead of IP address subnets to simplify network routing

Cloud Connexa Application Domain-based Routing adds domain name awareness to sophisticated routing logic so you can define routes to connected networks using domain names instead of — or in addition to — IP address subnets.

  • Route to networks with overlapping IP ranges

    Differentiate your networks with overlapping IP address ranges based on domain names. Now, you can use hostnames to route to the correct host on the right network.

  • Enforce Zero Trust

    Application domain-based routing lets you configure all your applications making it easier to use zero trust and minimum privilege principles by configuring proper access controls.

  • Prevent Lateral Movement

    To prevent network discovery and port scanning, your private network IP address subnets aren’t sent as routes on connection and can’t directly receive traffic.

  • Secure SaaS application access

    Specify public SaaS app domain names as network routes to your Internet Gateway to route SaaS traffic through the WPC, even with Split Tunnel ON.


IP address overlap occurs when one or more devices or subnets connected to the same network are assigned the same IP address or range.

Cloud Connexa allows administrators to configure private network access to applications using only domain names. Routing is configured using Fully Qualified Domain Names (FQDNs) instead of IP addresses. The FQDNs are unique and used for routing to the correct network, making the overlapping use of IP addresses inconsequential. To learn how read User Guide - Remote access to private networks with overlapping IP address space.

Application Domain routes are configured through the Networks setting in the administration portal. To configure, go to Networks and create or edit an existing Network by clicking the name of an existing Network or edit icon (pencil). Select Domain and enter a Fully Qualified Domain Name (FQDN). Note: All subdomains will be included. Enter an optional Description to easily distinguish between applications. If private domain names are used, you must add them to your DNS server or add DNS Records directly in CloudConnexa.

ZTNA or Zero Trust Network Access is a network security model that operates on 3 core principles:

  • Always verify – Do not assume an entities identity
  • Least privilege – Give access to only the resources the user, device, or application should have
  • Assume breach – A proactive approach to network security that includes reducing the attack surface and isolating potential threats

Cloud Connexa allows Owners and Administrators to:

  • Use SSO Authentication with LDAP, and SAML to connect to their WPC.
  • Limit access to only specific resources by configuring access controls to select User Groups, Networks, or Hosts with Access Groups.
  • Provide access to applications using domain names instead of the network to reduce your attack surface — eliminating movement to other network resources from potential threats.

Network lateral movement is a technique used by cybercriminals to move through a compromised network to search for additional vulnerabilities and data.

Split Tunnel is a configuration setting of the tunnel that connects the device to Cloud Connexa. It can be set to select what kind of traffic is sent through the tunnel. All traffic (even internet traffic) is sent through the tunnel when set to OFF. When set to ON, only specific traffic configured to be routed to Cloud Connexa enters the tunnel, and general internet traffic does not.

Get Started for Free

Cloud Connexa comes with three free connections, no credit card required.