Forum Discussion
1 Reply
Sort By
- StevenWong
Cato Employee
Hi Prakash,
Currently, there is no direct way to restrict ZTNA users to connect only to specific PoPs. I would recommend opening an RFE (Request for Enhancement) with your Cato representative.
Alternatively, you can indirectly restrict connections by configuring the client connectivity policy to allow access only from specific source countries (based on IP geo-location) with an egress network rule for India users.
For example, restricting access to ZTNA connections originating from India, and enforce a network rule to ensure that all egress traffic from India users/groups to the internet always routes through India PoPs.