Skip to main content
Solved

Internal and External server same name

  • April 25, 2023
  • 8 replies
  • 207 views
B
Forum|alt.badge.img+5

New user to Netskope so apologies if this has been answered.

I have an internal application with an Admin page that can be access via port 8383.

This application has a public address for client apps to communicate with when they are not in the building.  The Admin page is not available when you are using the External address.

Example:

Internal  App.Test.com  IP 192.1.1.1

External App.Test.com. IP 35.1.1.1

We configured this as a Private App, however the admin page does not work and from what I can tell from the logs Netskope is using the External address.  If I use the IP address instead of the FQDN internally it works.   Any thoughts?

Best answer by qyost

When defining your private app, there is an option to "Use Publisher DNS".   That should move the resolution to the internal DNS servers for you.

This topic has been closed for replies.

8 replies

qyost
Forum|alt.badge.img+16
  • qyost
  • Explorer III
  • 146 replies
  • Answer
  • April 25, 2023

When defining your private app, there is an option to "Use Publisher DNS".   That should move the resolution to the internal DNS servers for you.

---Q.
B
Forum|alt.badge.img+5
  • barrycuda72
  • Author
  • New Member
  • 6 replies
  • April 25, 2023

Dang that was an easy fix..  Thank you

qyost
Forum|alt.badge.img+16
  • qyost
  • Explorer III
  • 146 replies
  • April 25, 2023

Welcome to the community. 

---Q.
N
Forum|alt.badge.img+12
  • nduda
  • Explorer
  • 88 replies
  • April 25, 2023

But this should works without using the internal dns option. Netskope should be intercepting that fqdn. What we found is that blocking dns over https is usually the cause for this. We’ve deployed a simple utility policy in Netskope to do this and all our NPA fqdn intercepting works now. 

B
Forum|alt.badge.img+5
  • barrycuda72
  • Author
  • New Member
  • 6 replies
  • April 28, 2023

I have a follow up question.  On a different app we are seeing where the private app only works when we disable dns over https in the browser.   How would I do that in Netskope?

N
Forum|alt.badge.img+12
  • nduda
  • Explorer
  • 88 replies
  • April 28, 2023

You can accomplish this with a simple Real-time Protection Policy. “DNS over HTTPS” is an application in the list. Just create a policy to block it with no notification. In fact, I’m under the impression this is standard policy deployment for new customers by their SE’s now. 

B
Forum|alt.badge.img+5
  • barrycuda72
  • Author
  • New Member
  • 6 replies
  • April 28, 2023

That worked like a charm

Rohit_Bhaskar
Netskope Employee
Forum|alt.badge.img+20
  • Rohit_Bhaskar
  • Netskope Employee
  • 491 replies
  • April 28, 2023
Please mark the comments as a accepted solution for your question
Best Wishes, Rohit Bhaskar

Badges Winner

Show all badges

Not finding what you're looking for?

Don't be shy and let us know about your challenge.

Ask your question here!
Terms & ConditionsCookie settingsAccessibility statement