Configuring ZTNA Gateway Options
Note
This section assumes you have already installed a ZTNA Gateway. For ZTNA Gateway installation instructions refer to the link below.
Enable ZTNA Client Option
See Enable ZTNA Client in Cloud Site
ZTNA Client Split Tunneling Option
The network address entered into the Access Network text box (ex 192.168.100.0/24) will be routed through the ZTNA Gateway while all other traffic will be routed out the local default gateway.
Default setting: If nothing is entered, then all traffic (0.0.0.0/0) will be routed through the ZTNA Gateway.
ZTNA Client Isolation Option
When enabled, connected ZTNA clients with different IP addresses or different usernames will not be able to communicate. ZTNA clients with different IP addresses but the same username will be able to communicate.
Default setting: Off. All ZTNA connected clients can communicate with each other.
Enable ZTNA Netflow Agent Option
See Network Traffic
Enable Cloud Collector Option
Ensure steps 10 and 11 in the link below have been completed for the appropriate Hub site.
Enable Multi-Factor (MFA, 2FA, 2-step) Authentication for ZTNA Connection Manager
To enable MFA for clients connecting through the ZTNA Gateway, refer to the link below.
See Enabling Multi-Factor Authentication for ZTNA Connection Manager (MFA, 2FA, 2-Step)