This is regarding the internal networks that need to be configured in Umbrella. I have a network where my 10.0.0.0/16 is used primarily at one site, and I have another subnet in this range (10.0.2.0/24) used at another site. If I add both internal networks (10.0.0.0/16 - site A and 10.0.2.0/24 - site B), would this cause any problems, and does Umbrella know to use the more specific match so traffic from 10.0.2.0/24 will get marked correctly as site B?
Ideally, you would have Umbrella VA(s) located in each Umbrella site and you would configure each local network's DNS servers to point to the Umbrella VA(s) associated with the site, so the Umbrella portal would never see traffic from 10.0.2.0/24 on the other site with the 10.0.0.0/16 supernet.
Thanks for the response. No, I get that that is the ideal, but this is regarding the Internal Networks section in the Umbrella dashboard: Deployments > Configuration > Internal Networks. With multiple sites and VAs in each site, the internal networks used by the organisation need to be listed in the dashboard. My question is: if I have a more specific subnet, will DNS from that site match the more specific subnet in the list, or match both supernet and subnet?
I believe when you add the internal network to the dashboard you also specify which site the subnet belongs to. That, plus the traffic being forwarded from the VA in that site, should take care of the classification of the traffic.
Thanks, yeah, I just checked and can specify the site for the network range. So it's probably tying in with the appliance configured for that same site. I'll need to test it to see how it goes.
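
An added example, not part of the thread and not Cisco code: a pre-check that lists internal network entries overlapping across sites and shows every entry a given client address falls into, most specific first. It does not show how Umbrella itself resolves the overlap; the list below is constructed from the two ranges in the question, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the two ranges from the question, tagged with their sites.
INTERNAL_NETWORKS = [
    ("10.0.0.0/16", "site A"),
    ("10.0.2.0/24", "site B"),
]

def parse(entries):
    """Turn (cidr, site) strings into (ip_network, site) pairs."""
    return [(ipaddress.ip_network(cidr), site) for cidr, site in entries]

def cross_site_overlaps(entries):
    """Return (wider, narrower) entry pairs that overlap but belong to different sites."""
    nets = parse(entries)
    found = []
    for i, (a, site_a) in enumerate(nets):
        for b, site_b in nets[i + 1:]:
            if site_a != site_b and a.overlaps(b):
                wide, narrow = sorted([(a, site_a), (b, site_b)],
                                      key=lambda e: e[0].prefixlen)
                found.append((wide, narrow))
    return found

def matches(entries, address):
    """All entries containing the address, longest prefix (most specific) first."""
    ip = ipaddress.ip_address(address)
    hits = [(net, site) for net, site in parse(entries) if ip in net]
    return sorted(hits, key=lambda e: e[0].prefixlen, reverse=True)

if __name__ == "__main__":
    for (wide, wsite), (narrow, nsite) in cross_site_overlaps(INTERNAL_NETWORKS):
        print(f"overlap: {narrow} ({nsite}) sits inside {wide} ({wsite})")
    # Addresses to use when testing which identity the dashboard reports.
    for addr in ("10.0.2.15", "10.0.5.1"):
        hits = ", ".join(f"{net} [{site}]" for net, site in matches(INTERNAL_NETWORKS, addr))
        print(f"{addr} falls in: {hits}")
```

Any address that falls into more than one entry is a candidate for the test mentioned above: send a query from it through each site's VA and compare the identity reported in the dashboard.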