Set up DNS exceptions

You may want to exclude access to some subdomains from the users. They can disable these subdomains from being intercepted by the EAA Client by setting up a DNS exception list.

Configured tunnel-type client-access application.

  1. Log in to Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Applications > Applications.

  3. Select the tunnel application to open it.

  4. Select Advanced > EAA Client parameters.

  5. In Domain exception list enter the names of the subdomains that need to be excluded from users.
    Users are denied in the domain from accessing these subdomains.

  6. Click Save and Deploy.

The IT administrator wants to exclude payroll, benefits, and a confidential project called project1
under devops subdomains from all users. Under General tab, under Application identity settings, enter
the top-level domain, of the wildcard application, * as the internal host for Destination 1,
as shown here:

domain exception example

Then specify the subdomains in the Domain exception list under EAAClient parameters as shown here:

domain exception parameters example


The Domain exception list only supports exact matches. Regular expression pattern matches are not supported.