Zapp VPN Trusted Network

How can i use the “VPN Trusted Network” in Zapp in forwarding profile. I can switch between trusted and off trusted network but i couldn’t utilize VPN Trusted Network.

Ganesh Krishnan

You need a full tunnel routed to a virtual interface AFAIK

Can you give some clarity on this? I am using tunnel mode. If i install Virtual interface (Hyper-V/Vmware) and route all traffic to virtual interface, will VPN Trusted network triggered in Zapp?

Default route -> Virtual NIC -> Physical NIC

Right now we use hostname to check Trust/Off-trusted network. If the Url doesn’t resolved to expected IP, it will detect as Off-trusted network.

Ganesh Krishnan

Please verify below conditions for VPN trusted networks.

VPN trusted Network-

  • When a user is connected to the trusted network above via a VPN in full-tunnel mode. The VPN must be configured to capture all, and not just some, of the user’s traffic to the trusted network by installing a default route in the routing table of the client device.

The app does not consider the network a VPN trusted network if:

  • The VPN doesn’t install a default route and uses some other mechanism to capture all of the user’s traffic. In this scenario, the app treats the user as Off Trusted Network.
  • The default interface description does not contain the words “Cisco”, “Juniper”, “Fortinet”, “PanGP”, and “VPN.” If these words are missing, the app treats the user as Off Trusted Network.
  • The VPN runs in split tunnel mode, so that the app takes only some of the user traffic. The VPN can do this by installing routes only for some subnets (for example, 10/8 or 192.168/16) or by installing a DNS on the device to resolve specific requests. In this scenario as well, the app considers the user as Off Trusted Network.