IP pools are used to assign an internal IP address to clients, including clients in the Connector or Portal. This IP address is used by the virtual tunnel interface for client-to-Gateway communications.
There are default IP pools provided for both IPv4 and IPv6 in the AppGate ZTNA system:
Check the default settings for both IP pools and increase the pool size if you have many users.
If you are not using IPv6 for your client-to-Gateway tunnels, remove the default IPv6 pool.
Once IP pools are configured, you can allocate them in the following places:
Identity Provider. Primary usage. In the IdP, you can assign tunnel IP addresses for any user authenticating through that IdP.
Site. Optional usage. You can map the primary IP address to an alternative IP address for a given Site.
Before you start
You will need the following information before you set up an IP pool:
One or more ranges of free IP addresses for users connecting through AppGate ZTNA.
An understanding of Sites where there might be an IP address conflict.
Background reading:
For full details about IP pools, see the IPv4 and IPv6 pools section.
For information on allocating IP pools to IdPs, see the Configure identity providers section.
For more information about how tunneled traffic is handled in AppGate ZTNA, see the Routing client traffic section.
Use the IP Pools page to:
Configure IP pool ranges for IP addresses that will be assigned to each client.
Add more IP pool ranges to an existing IP pool.
Add range exclusions to an existing IP pool.
See the Configure IP pools section when you are ready to start configuring an IP pool.
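A planning check for the prerequisites listed under "Before you start", given here as an added example (it is not AppGate code and does not call any AppGate API): it counts the addresses a set of pool ranges provides once range exclusions are removed, and reports Site networks that overlap the pool. The function names and sample addresses are hypothetical, and two things are assumed: a "conflict" means a pool range overlapping a network already in use at a Site, and a single pool holds one address family.

```python
import ipaddress

def to_interval(first, last):
    """Turn a first-last address pair into (version, start, end) integers."""
    a, b = ipaddress.ip_address(first), ipaddress.ip_address(last)
    if a.version != b.version or a > b:
        raise ValueError(f"invalid range {first}-{last}")
    return a.version, int(a), int(b)

def merge(intervals):
    """Merge overlapping or adjacent (start, end) pairs so none is counted twice."""
    merged = []
    for start, end in sorted(intervals):
        if merged and start <= merged[-1][1] + 1:
            merged[-1] = (merged[-1][0], max(merged[-1][1], end))
        else:
            merged.append((start, end))
    return merged

def pool_capacity(ranges, exclusions=()):
    """Number of assignable addresses: pool ranges minus range exclusions."""
    parsed = [to_interval(*r) for r in ranges]
    excluded = [to_interval(*r) for r in exclusions]
    if len({v for v, _, _ in parsed + excluded}) > 1:  # assumption: one family per pool
        raise ValueError("mixed IPv4 and IPv6 ranges in one pool")
    pool = merge((s, e) for _, s, e in parsed)
    holes = merge((s, e) for _, s, e in excluded)
    total = sum(e - s + 1 for s, e in pool)
    removed = sum(max(0, min(e, he) - max(s, hs) + 1)
                  for s, e in pool for hs, he in holes)
    return total - removed

def site_conflicts(ranges, site_networks):
    """Return {site: [cidr, ...]} for Site networks that overlap a pool range."""
    conflicts = {}
    for site, cidrs in site_networks.items():
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            lo, hi = int(net.network_address), int(net.broadcast_address)
            for version, start, end in (to_interval(*r) for r in ranges):
                if version == net.version and start <= hi and lo <= end:
                    conflicts.setdefault(site, []).append(cidr)
                    break
    return conflicts

# Constructed sample data (not AppGate defaults).
POOL_RANGES = [("10.200.0.1", "10.200.0.254"), ("10.200.1.1", "10.200.1.254")]
EXCLUSIONS = [("10.200.0.1", "10.200.0.10")]
SITE_NETWORKS = {"hq": ["10.10.0.0/16"], "branch": ["10.200.1.0/24"]}
```

Compare the result of `pool_capacity` with the expected number of concurrent users before deciding whether the pool needs more ranges; any Site returned by `site_conflicts` is a candidate for the optional Site-level mapping described above.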