Endpoint Security E84.50 Client Issues - Routing table different from specified Encryption Domain

Megha — Mon, 10 Jan 2022 03:15:06 GMT

Hi Checkmates,

We have upgraded our firewalls from R77.30 to R80.30 two years ago.
Since then we are facing issues accessing our system when connected over VPN using the newer versions of VPN client. E84.50

The only client version that works fine is the R73 endpoint connect.

There are two main issues we face with the new clients:
1. The VPN connected successfully, however we are not able to access the gateway itself, using the Mgmt IP or any other subnet.
      Example: We have configured 10.150.181.0/24 on the gateways.
                        VIP - 10.150.181.1, FW1 -10.150.181.2, FW2 - 10.150.181.3.
once connected to the VPN using the new client, we cannot access FW1 using 10.150.181.2.

2. The routing table, when connected to the new VPN client is different from the subnets defined in the encryption domain for Remote access.
       Example: In the encryption domain, we have defined 10.150.181.0/24, however the routing table post connecting to the client shows the below: (note: these subnets/ hosts are not defined anywhere in our firewalls/ smartconsole)

10.150.181.32 /32
10.150.181.36 /30
10.150.181.40 /29
10.150.181.48 /30
10.150.181.52 /30a
10.150.181.56 /32.... etc

we have raised a support ticket but unable to get any meaningful feedback.. Has anyone here faced any similar issues??? Or know what could be causing this? Would greatly appreciate your help!

Re: Endpoint Security E84.50 Client Issues - Routing table different from specified Encryption Doma

OVN — Tue, 01 Feb 2022 08:08:38 GMT

I would also like an answer to this question.

topic Endpoint Security E84.50 Client Issues - Routing table different from specified Encryption Domain in SASE and Remote Access

Endpoint Security E84.50 Client Issues - Routing table different from specified Encryption Domain

Re: Endpoint Security E84.50 Client Issues - Routing table different from specified Encryption Doma