diff --git a/public/docs-static/img/how-to-guides/network-acl-create-policy.png b/public/docs-static/img/how-to-guides/network-acl-create-policy.png
new file mode 100644
index 00000000..cb65082a
Binary files /dev/null and b/public/docs-static/img/how-to-guides/network-acl-create-policy.png differ
diff --git a/public/docs-static/img/how-to-guides/network-acl-new-policy.png b/public/docs-static/img/how-to-guides/network-acl-new-policy.png
new file mode 100644
index 00000000..e29f6cff
Binary files /dev/null and b/public/docs-static/img/how-to-guides/network-acl-new-policy.png differ
diff --git a/public/docs-static/img/how-to-guides/network-route-acl-group-settings.png b/public/docs-static/img/how-to-guides/network-route-acl-group-settings.png
new file mode 100644
index 00000000..69d24664
Binary files /dev/null and b/public/docs-static/img/how-to-guides/network-route-acl-group-settings.png differ
diff --git a/public/docs-static/img/how-to-guides/network-route-acl-saved.png b/public/docs-static/img/how-to-guides/network-route-acl-saved.png
new file mode 100644
index 00000000..f9cf9d84
Binary files /dev/null and b/public/docs-static/img/how-to-guides/network-route-acl-saved.png differ
diff --git a/public/docs-static/img/how-to-guides/network-route-acl.png b/public/docs-static/img/how-to-guides/network-route-acl.png
new file mode 100644
index 00000000..f7d0458e
Binary files /dev/null and b/public/docs-static/img/how-to-guides/network-route-acl.png differ
diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
index c15e6ede..bb0f5bfe 100644
--- a/src/components/NavigationDocs.jsx
+++ b/src/components/NavigationDocs.jsx
@@ -73,6 +73,7 @@ export const docsNavigation = [
 links: [
 { title: 'Routing traffic to private networks', href: '/how-to/routing-traffic-to-private-networks' },
 { title: 'Configuring default routes for Internet traffic', href: '/how-to/configuring-default-routes-for-internet-traffic' },
+ { title: 'Configuring routes with access control', href: '/how-to/configuring-routes-with-access-control' },
 { title: 'Resolve overlapping routes', href: '/how-to/resolve-overlapping-routes' },
 ]
 },
diff --git a/src/pages/how-to/configuring-routes-with-access-control.mdx b/src/pages/how-to/configuring-routes-with-access-control.mdx
new file mode 100644
index 00000000..4881b457
--- /dev/null
+++ b/src/pages/how-to/configuring-routes-with-access-control.mdx
@@ -0,0 +1,59 @@
+# Configuring routes with access control
+By default, network routes allow unrestricted access, meaning any traffic can flow through the routes without limitations.
+This behavior occurs when access control groups are not associated with a route. However, when access control groups
+are set, the route inherits access restrictions based on the defined policies. Only traffic that meets the criteria
+specified in these policies can access the internal services, ensuring that your network remains secure and that
+only authorized users can reach sensitive resources.
+
+## Creating Access Control Policy
+After accessing the `Access Control` > `Policies` tab, click on the `Add policy` button to create a new policy.
+In the popup, specify source and destination groups, and add Posture Checks if needed. Make sure to set traffic
+direction only when TCP or UDP protocols are selected. Finally, provide a name and description for your policy.
+
+In the example below, we are creating a one direction policy with the following information:
+- Name: `Devs to Servers`
+- Description: `Devs are allowed to access servers`
+- Protocol: `TCP`
+- Ports: `80`
+- Source Groups: `devs`
+- Destination Groups: `servers`
+
+
+ high-level-dia
+
+
+
+If necessary, you can create new groups simply by entering new names in the input box for either the source or destination lists.
+
+Once you have finished configuring the policy, click `Add Policy` to save it. You will then see your new policy in the table.
+
+ high-level-dia
+
+
+## Creating a network route with access control group
+Access the `Network Routes` tab and click the `Add Route` button to create a new route.
+
+In the example below, we are creating a route with the following information:
+
+- Network identifier: `aws-eu-central-1-vpc`
+- Description: `Production VPC in Frankfurt`
+- Network range: `10.10.0.0/16`
+- Routing peer: `server`
+- Distribution Groups: `devs`
+- Access Control Groups: `servers`
+
+
+ high-level-dia
+
+
+
+ high-level-dia
+
+
+Once you fill in the route information, you can click on the `Add Route` button to save your new route.
+
+ high-level-dia
+
+
+Done! Now, every peer connected to your routing peer will be able to send TCP traffic on port 80 to your external
+network according to the defined policy.
\ No newline at end of file