diff --git a/src/pages/how-to/routing-traffic-to-private-networks.mdx b/src/pages/how-to/routing-traffic-to-private-networks.mdx index 2a1af16d..5a75168c 100644 --- a/src/pages/how-to/routing-traffic-to-private-networks.mdx +++ b/src/pages/how-to/routing-traffic-to-private-networks.mdx @@ -93,6 +93,17 @@ Distribution groups define that peers that belong to these groups set in this fi It doesn't remove the need for the routing peer to be connected to these peers +### Access Control Groups +These groups provide granular control over internal services within your network. They are used as the destination +groups in access control policies, allowing you to precisely define which internal services can be accessed by +different network entities. + +When you associate these groups with specific routes, the routes will inherit the access control policies where +the groups are defined as part of destination groups. This setup enforces access restrictions based on the policies, +ensuring that only authorized traffic can reach the designated services. + +Routes that do not incorporate these groups will permit unrestricted access, allowing all traffic to pass through +without any limitations. ## Managing network routes A network route describes a network you want to connect with your NetBird peers. It has an identifier, a network range, a routing peer or set of peer groups, and some parameters available for managing priority and masquerading.