ערוך

שתף באמצעות

Global Secure Access Frequently asked questions

  • שאלות נפוצות

Frequently asked questions related to Microsoft Entra Internet Access and Microsoft Entra Private Access, which are part of Global Secure Access.

Common platform questions

I received an error when trying to access a tenant I have access to.

If you enabled universal tenant restrictions and access the Microsoft Entra admin center for one of the allow listed tenants, you see an "Access denied" error. Add the feature flag to the Microsoft Entra admin center: ?feature.msaljs=true&exp.msaljsexp=true. For example, you work for Contoso and you have allow listed Fabrikam as a partner tenant. You see the error message for the Fabrikam tenant's Microsoft Entra admin center. If you received the "access denied" error message for this URL: https://entra.microsoft.com/ then add the feature flag as follows: https://entra.microsoft.com/?feature.msaljs%253Dtrue%2526exp.msaljsexp%253Dtrue#home

Does Global Secure Access allow B2B logins?

B2B logins are only supported when the user is accessing the service from a device that is Microsoft Entra joined. The Microsoft Entra tenant must match the users sign-in credentials. For example, a person works at Fabrikam and is working on a project for Contoso. Contoso provided the person a device and a Contoso identity, such as v-Bob@contoso.com. To access Contoso's Global Secure Access using the Contoso device, the person can use either Bob@Fabrikam.com or v-Bob@Contoso.com. However, the person can't use the Fabrikam device that is joined to the Fabrikam tenant to access Contoso's Global Secure Access.

Does Global Secure Access support IPv6?

At this time, IPv4 is preferred over IPv6. If you encounter issues, disable IPv6. For more information, see the `Disable IPv6`` section of the Install Windows client article.

Can I manage Global Secure Access with Microsoft Graph APIs?

Yes, there's a set of Microsoft Graph APIs available to manage aspects of Microsoft Entra Internet Access and Microsoft Entra Private Access. For more information about these APIs, see the article Secure access to cloud, public, and private apps using Microsoft Graph network access APIs.

Does Global Secure Access support Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)?

At this time, only TCP is supported. UDP support is under development.

Private Access

I can't access an internal resource using the hostname or Fully Qualified Domain Name (FQDN) when IP is configured in Quick Access.

Private Domain Name System (DNS) is currently not supported. Specify the Hostname or FQDN being used to access the internal resource in the Quick Access configuration along with the respective port.

Remote networks

I configure my customer premises equipment (CPE) and Global Secure Access, but the two aren't connecting. I specify the Local and Peer Border Gateway Protocol (BGP) IP addresses, but the connection isn't working.

Make sure you reverse the BGP IP addresses between the CPE and Global Secure Access. For example, if you specified the Local BGP IP address as 1.1.1.1 and the Peer BGP IP address as 0.0.0.0 for the CPE, then swap the values in Global Secure Access. So the Local BGP IP address in Global Secure Access is 0.0.0.0 and the Peer GBP IP address is 1.1.1.1.