All Products
Search

This Product

    Smart Access Gateway:Network configuration

    Document Center

    Smart Access Gateway:Network configuration

    Last Updated:Nov 28, 2025

    After an administrator purchases a Smart Access Gateway (SAG) app instance, configure the network for the instance to allow clients to connect to Alibaba Cloud.

    Procedure

    1. Log on to the SAG console.
    2. In the left-side navigation pane, choose Smart Access Gateway App > SAG App Instances.

    3. In the top navigation bar, select the target region.

    4. On the SAG App Instances page, find the target instance.

      • Quick configuration has not been set up.

        In the CCN Instance ID/Name column, click Network Configuration.

      • The quick configuration has been applied.

        In the Actions column, click Network Configuration.

    5. Set the following parameters.

      Parameter

      Description

      Instance Name/ID

      The name and ID of the Smart Access Gateway client instance.

      Resource Group

      Select the resource group to which the Cloud Connect Network (CCN) instance belongs.

      This resource group is created in Resource Management under your Alibaba Cloud account. For more information, see Create a resource group.

      Note

      This parameter is displayed only if you do not use Quick Configuration.

      CCN

      Select the CCN to attach. CCN is an important component of Smart Access Gateway. After you associate a Smart Access Gateway client instance with a CCN, the clients associated with the instance can communicate with other gateway devices that are attached to the CCN. For more information, see Introduction to Cloud Connect Network.

      You can select the CCN instance to attach in one of the following two ways:

      • Existing CCN: If you already created a CCN in the current region, click the text box and select an existing CCN instance to attach.

      • Create CCN: If you have not created a CCN, enter a name for the CCN instance in the text box. The system creates a CCN instance in the current region and automatically attaches it.

      Standby and Active DNS

      Optional. Specify custom primary and secondary DNS servers for clients to use when they connect to the private network.

      Note the following when you use the custom DNS feature:

      • After you configure the DNS servers, the system automatically pushes the DNS configuration to the clients. All traffic from your clients is parsed by these DNS servers. If your client traffic needs to access the Internet, make sure your DNS servers can resolve public domain names.

      • If you want to use the PrivateZone service when clients connect to Alibaba Cloud, set the DNS addresses to 100.100.2.136 and 100.100.2.138. For more information about PrivateZone, see What is PrivateZone?.

      • DNS configuration is supported on Android clients of version 2.1.1 or later and macOS clients of version 2.1.1 or later. For more information about how to download the client, see Install the client.

      Note

      • If your client runs on iOS 13, the system may retain the default DNS configuration after you configure a custom DNS. In this case, the custom DNS does not take effect. To resolve this issue, exit the client and reconnect to Alibaba Cloud.

      • If your client runs on macOS, after you configure the DNS, go to System Preferences > Security & Privacy on your macOS system and deselect the option Require an administrator password to access system-wide preferences. This allows the client to write the DNS configuration to your system.

      Private CIDR Block

      Specify the private CIDR block for clients to use when they connect to Alibaba Cloud. When a client connects, the system automatically assigns an available IP address from this CIDR block. Make sure that your private CIDR blocks do not overlap.

      Click Add Private CIDR Block to add more CIDR blocks. You can configure up to 11 private CIDR blocks.

    6. Click OK.