Trusted Networks
How to configure a Trusted Network
Trusted Networks Overview
Devices and routers have Media Access Control (MAC) addresses: these are unique hardware identifiers that can be associated with an IP address. If a device’s MAC address matches with a network router’s MAC address, then each MAC address will resolve to an IP address and the device will be able to connect to the trusted network. In some cases, however, devices are already connected to a Service Tunnel (the Cloud Secure Edge’s (CSE) modern VPN) when a trusted network is available. CSE’s Trusted Networks feature allows admins to automatically disconnect end users from a Service Tunnel if the end user wants to connect to a trusted network instead: if a device identifies that the router’s MAC address is part of a trusted network, it can automatically turn off Service Tunnel.
This doc lays out the steps required to configure a Trusted Network and it explains how the Trusted Network feature interacts with other org settings, like Connect on Login for Service Tunnel.
Pre-requisites
- MAC addresses of the Trusted Network’s routers
Steps to Configure a Trusted Network
Step 1: Provide the MAC addresses of the Trusted Network
1.1 In the Command Center, navigate from Networks > Trusted Networks.
1.2 Enter the MAC addresses associated with the Trusted Network (i.e., the routers’ MAC addresses); address entries should be separated by a comma.
Step 2: Configure whether devices connected to Service Tunnel automatically disconnect when connected to a Trusted Network
2.1 If you want your end users’ devices to automatically disconnect from Service Tunnel when connecting to a Trusted Network, then select Yes to Disconnect Service Tunnels when on a Trusted Network. If you do not want your end users’ devices to automatically disconnect from Service Tunnel when connecting to a Trusted Network, then select No.
Note: If you select Yes to Disconnect Service Tunnels when on a Trusted Network, your end users will not be able to reconnect to a Service Tunnel as long as the Trusted Network is available.
2.2 Select Save.
Switching off of a Trusted Network
-
If a user was automatically disconnected from a Service Tunnel and connected to a Trusted Network, and the user then switches off of the Trusted Network:
-
Then the Service Tunnel that was disconnected will re-connect once the user clicks the Refresh button in the desktop app.
-
If a user was automatically disconnected from a Service Tunnel that was configured to auto Connect on Login, and the user then switches off of the Trusted Network:
-
Then the user will still need to click the Refresh button in their desktop app in order to re-connect to the Service Tunnel that is configured to Connect on Login.
Note: When a user moves off of a Trusted Network, the Service Tunnel that reconnects (after the user clicks the Refresh button) will be the last connected Service Tunnel; this is true even if the user has a Service Tunnel that is configured to Connect on Login (i.e., the Connect on Login Service Tunnel will not take precedence over the last connected Service Tunnel).