IP pools are used by the Source IP Anchoring feature for transparent traffic. When an incoming DNS request hits any of these rules that are preconfigured to forward the traffic to Zscaler Private Access (ZPA), Zscaler assigns an ephemeral IP address to the DNS request from the respective IP pool before forwarding it to ZPA.

You can view or edit the predefined IP pools that are associated with the following preconfigured DNS rules:

• ZPA Resolver for Locations
• ZPA Resolver for Road Warrior
• Fallback ZPA Resolver for Locations
• Fallback ZPA Resolver for Road Warrior

You can edit the default name of the IP pools or even the IP pool range based on your needs. Any change in the IP pool is reflected in the Action column of the associated DNS rule when the rule is enabled.

Configuring the IP pool with public IP addresses is not recommended as it can lead to a conflict during normal DNS resolution if the domain names (other than those of applications with Source IP Anchoring enabled) resolve to a public IP address that matches the address configured in the IP pool.

About the IP Pool Page

On the IP Pool page (Administration > IP & FQDN Groups), you can do the following:

1. View a list of all the IP pools. For each IP pool, you can view:
   • Name: The name of the IP pool. You can sort this column.
   • IP address: The range of IP addresses assigned to this pool. You can configure a maximum of one IP address range for an IP pool.
   • Description: Additional notes or information about the IP pool.
2. Edit the IP pool.
3. Modify the table and its columns.
4. Search for an IP pool.
5. Go to the Source IPv4 Groups, Source IPv6 Groups, Destination IPv4 Groups, and Destination IPv6 Groups pages.