To add a new resource:
- Go to Access and click the + icon in the top right.
- Fill in the details:
- Resource Name – Simple identifier for the resource in the CloudGen Access Enterprise Console.
- Public Host – Hostname used by the device to redirect the request to the CloudGen Access Proxy.
- Must be a valid DNS record.
- Does not need to exist as a public DNS record, private, or at all.
- Resource Host – Internal resource hostname or IP used by the CloudGen Access Proxy to connect to.
- Needs to be a hostname or IP that the CloudGen Access Proxy can resolve and connect to.
- External Port – Port used for the request to the public host from the device.
- Internal Port – Internal resource port used by the CloudGen Access Proxy to connect to the resource host.
- Access Proxy – The CloudGen Access Proxy that will be used and has access to the resource being configured.
- Policy Name – The policy used to allow access for this resource.
- Notes – Can be used to add extra information regarding the resource.
A wildcard is a character used to represent an unspecified resource name or an unspecified part of a resource name. You can add a wildcard resource by adding an asterisk (*) character at the beginning of the hostname.
Example: If you add
*.acme.com as a resource, all traffic from the subdomains of acme.com will be intercepted and sent through the CloudGen Access proxy.
If the resource domain (public or private) is a wildcard domain (example:
*.acme.internal), you can add exceptions that will not be resolved via that resource.
*.acme.internal will catch insights.acme.internal and chat.fruits.internal, but if you add an exception for 'chat', then
chat.acme.internal will be resolved to the normal public DNS resolution.
You can assign a fixed IP address (only for non-wildcard domains) to the resources. If you do so, a resource domain will always be resolved to that IP address on the client-side. This is necessary for some resources, such as VOIP (3CX) and other UDP protocols, that might send the IP that clients are expected to connect to as part of a separate session mechanism.
Example: If you add a fixed IP
192.168.0.3 for call.acme.internal, it will always be the same IP. This is necessary for some resources, such as the VOIP protocol (3CX).