Juan_Concepcion
Advisor

Remote Access VPN/App+URL Policy Enforcement when split tunneling is disabled

R80.10 Manager

R80.10 VSX with handful of virtual systems

1 Virtual System is handling Endpoint Security VPN:

  • Allow to route through gateway is set
  • Route through gateway is forced via global properties settings
  • ipchicken confirms the public IP is that of the gateway
  • Rule that reads:
    • src: vpn_pool
    • dst: Internet
    • URL Category attempting to block
    • Action Block/UserCheck Message

Issue: App/URL Policy is not applied to these users even though they are routing through the gateway. Is this expected behavior?

1 Solution

Accepted Solutions
Juan_Concepcion
Advisor

Turns out it was rule order. There was a rule set to inspect for content with a source of Any, and it was getting hit first. Even though the remote access rule and the subsequent rule to block certain content came after it, traffic was being caught by that first rule.

--Juan

0 Kudos
4 Replies
PhoneBoy
Admin

What rule is actually accepting the traffic?

What's being logged?

Perhaps that might provide a clue.

0 Kudos
PhoneBoy
Admin

Good to know, thanks for updating.

0 Kudos
Sudip_Majee
Participant

Hey Juan,

Can you please explain a little more on how to solve this issue?

0 Kudos
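
An added illustration of the rule-order problem described in the accepted solution (not code from any poster or from Check Point): a simplified top-down, first-match model that shows why the later block rule never fires and how to flag such shadowed rules. The rule names, the `Gambling` category and the `Accept` action on the broader rule are assumptions made for the example; the real policy engine is more involved than this model.

```python
from dataclasses import dataclass

ANY = "Any"

@dataclass(frozen=True)
class Rule:
    name: str
    src: str       # network object name, or ANY
    dst: str
    category: str  # URL category, or ANY
    action: str

def _covers(field, value):
    """A rule field covers a value when it is ANY or names the same object."""
    return field == ANY or field == value

def first_match(rules, src, dst, category):
    """Walk the rulebase top-down and return the first rule that matches."""
    for rule in rules:
        if (_covers(rule.src, src) and _covers(rule.dst, dst)
                and _covers(rule.category, category)):
            return rule
    return None

def shadowed(rules):
    """Return (later, earlier) pairs where an earlier rule already matches
    everything the later rule could match, so the later rule is never hit."""
    pairs = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if (_covers(earlier.src, later.src) and _covers(earlier.dst, later.dst)
                    and _covers(earlier.category, later.category)):
                pairs.append((later.name, earlier.name))
                break
    return pairs

# Constructed rulebase mirroring the thread: a broad source-Any rule sits
# above the remote access block rule (names and category are hypothetical).
BROKEN = [
    Rule("content-inspect", ANY, "Internet", ANY, "Accept"),
    Rule("ra-vpn-block", "vpn_pool", "Internet", "Gambling", "Block"),
]
# Corrected order: the specific remote access rule goes first.
FIXED = [BROKEN[1], BROKEN[0]]

if __name__ == "__main__":
    for label, rb in (("broken", BROKEN), ("fixed", FIXED)):
        hit = first_match(rb, "vpn_pool", "Internet", "Gambling")
        print(label, "->", hit.name, hit.action, "shadowed:", shadowed(rb))
```

The same check answers PhoneBoy's question in log terms: the rule named in the log for the VPN user's traffic is the one returned by `first_match`, and if it is not the block rule, a broader rule above it is taking the hit.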