Configuring Network Range Applications: Using the Logical "and" Operator

📘

Note

This is a limited release feature. For more information contact Axis Security Support: [email protected]

This article describes how you can use the logical “and” operator for configuring Network Range applications.

This section contains the following topics:

  • Routing Traffic Using a Logical “or” Relationship
  • Routing Traffic Using a Logical "and" Relationship

Routing Traffic Using a Logical “or” Relationship

With Network Range applications that include both a DNS wildcard and an IP range, the relationship between the two components is a logical "or". This means that the Axis Client routes traffic through the Axis Cloud if the user is trying to connect to either an address included in the DNS wildcard or an address within the specified IP range.

For example, the Network Range named Acme has two address ranges:

  • A DNS wildcard specifying *acme.com
  • An IP range specifying 1.1.1.2/10
16101610

For example, consider the following scenarios:

DNS Address

DNS Resolution

1

home.acme.com

1.1.2.7

2

acmecorp.io

1.1.1.8

3

test.acme.com

1.1.1.5

#1: Routing Traffic with a DNS Wildcard
When a user tries to connect to home.acme.com, it is within the address range and therefore the Axis Client routes the traffic through the Axis Cloud without referring to the DNS resolution to an IP address.

#2: Routing Traffic with a Specified IP Range
When a user tries to connect to acmecorp.io, the address is resolved to IP 1.1.1.8 (which is within the specified IP range) and the Axis Client routes the traffic through the Axis Cloud even though the address is not within the DNS wildcard.

Routing Traffic Using a Logical "and" Relationship

Administrators can condition Axis Client traffic routing on a combination of both a DNS address range and an IP range.

Using the "and" relationship, admins can configure the Axis Client to route traffic only when the address is within the DNS wildcard and it resolves to an IP address within the IP range.

Using the example above, in scenario 3, test.acme.com is included in the DNS wildcard, and the DNS resolution for that address is 1.1.1.5 which is within the specified IP range. Since the address is included in both ranges, the Axis Client will route traffic through the Axis Cloud.

In scenario 1 and scenario 2 the Axis Client will not route the traffic through the Axis Cloud because only one of the conditions is met.

To create a logical "and" relationship:

Contact Axis Security Support [email protected] with the following information:

  • The organization's internal DNS servers that are designated to resolve the DNS addresses.
  • The domain addresses to resolve
  • The IP addresses to which the domains should resolve

Did this page help you?