I added a private network for developers to connect to our Staging Database via Zero Trust.
It works correctly, and the connection to our database (via a DNS name which resolves to a private IP) can be established if our developers are connected via Zero Trust.
I then wanted to set up an access policy against this private network access.
I created a new Application with type set to Private Network.
When creating the application I can specify SNI or IP as the destination. I chose SNI and put the private DNS URL as the value.
Two policies were then created automatically: an Allow rule and a Block rule. I tried testing the policy by simply disabling the Allow rule. However, everyone can still establish a connection to the DNS name specified in the SNI just fine. It is as if the policy does not do anything.
Is there something that I might be missing?