cancel
Showing results for 
Search instead for 
Did you mean: 

CIDR Overlap for NPA

Siva
New Contributor II

Hello,

 

Reading through  private-access-best-practices article on docs.netskope.com, it mentions not to overlap CIDR ranges for NPA. I wonder how we can satisfy this recommendation for the following, very common scenario.

 

Lets say we got three outlook web servers. all serve on port 443, so private app [Outlook] is created with the individual three IPs with TCP port 443 and assigned to all/general users in the organization. All good here.

 

Now for the Admins of the Org, they would need to RDP to these outlook webservers for support/admin purposes. I would think, we need a second private app with same three IPs with TCP port 3389 and assign to IT Admins. Two separate apps for zero trust model.

 

 

So the second private creates a overlap, any pointers on how to configure this scenario adhering to best practices?

 

 

 

0 REPLIES 0