ZPA and Full Tunnel Access with Internet Restrictions

Hi,
Had a query around a possibility of accomplishing a Full VPN like access into the corporate network when ZPA is ON but no other Internet access be available ( of course control and data traffic between ZCC and ZEN etc should remain).

  1. Is this a possibility?
  2. What if the customer is ZIA subscribed, then do we have something that could dynamically restrict all internet access when ZPA is turned ON?

Thanks
Rowlins

You can do this in the Forwarding Profile with the Trusted Network Detection.

Thanks Gordon,

Can we accomplish that if the user is on Public network and if we only need to grant him access to Corporate applications when ZPA is ON while restricting all access to Internet.

Thanks
Rowlins Thomas