Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Gaurav_Pandya
Advisor
Jump to solution

Mobile Access Default Route

Hi All,

I am implementing Mobile access blade for one of the customer. All the features like, LDAP integration, Compliance check for endpoint security has been done successfully.

Now the requirement is that when user connects to Mobile access SSL VPN, he must use corporate Internet, means all routes gateway should be Corporate firewall and split tunneling feature should be disabled.

I have followed sk31873 and configured GUIDBedit from "route_all_client_traffic_to_connectra" = True

Now I am getting all the routes and also security policy is in place for Office_Pool but still I am unable to browse internet.

In tracker, I am getting below error.

Need expert advise. 

1 Solution

Accepted Solutions
Gaurav_Pandya
Advisor

Hi All,

Finally Issue is resolved by creating new Native application with "Internet Ranges" and apply to Mobile access Rule.

  1. Select 'Applications > Native Applications'.
  2. Click 'New'. Select 'Authorized Locations'.
  3. Click 'Address Range' and type in the range "0.0.0.1 - 255.255.255.254". Click 'Save'.

View solution in original post

5 Replies
PhoneBoy
Admin
Admin
Gaurav_Pandya
Advisor

Hi,

This article is more related to IPsec VPN. I am using Mobile access SSL VPN.

I have also checked that the Office mode IP (Office_pool) is not part of encryption domain.

Gaurav_Pandya
Advisor

Hi All,

Finally Issue is resolved by creating new Native application with "Internet Ranges" and apply to Mobile access Rule.

  1. Select 'Applications > Native Applications'.
  2. Click 'New'. Select 'Authorized Locations'.
  3. Click 'Address Range' and type in the range "0.0.0.1 - 255.255.255.254". Click 'Save'.
Jerry
Mentor
Mentor

now under R80.30 I've got similar issue

my MAB was working like a charm till ... R80.30 upgrade

my MAB Apps are just few plus Internet (done via Native 0.0.0.1-255.255.255.245) also in place

however, I do have an issue with only one little thing (all things works like a charm and I have not a single reason to complain) except ...

 

my IMAPS does not work with GMail.google.com when connected via EPS for Windows (E.80.96-E81.00).

 

just IMAPS with GMail does not work (native MS Outlook client) - all the rest works ie. Exchange Server to O365 etc.

 

my complete package contains all communication channels VIA MAB so all-gateway-mode not a SPLIT-TUNNEL, however all seems to be working just fine except ... GMail IMAPS (tcp).

just so you know I've made an exception no IPS/ThreatPrevention in order to facilitate src/dst with IMAPS ports.

still no go

 

I was just wondering whether any of you guys experienced such thing or ... would rather not use MAB for both (LAN/WAN) at the same time? 😛

 

thanks in advance for all your hints

 

ps. what do you think mate @PhoneBoy & @_Val_ ?

Jerry
0 Kudos
Jerry
Mentor
Mentor

sorry guys, my bad, please remove my previous post 😞 shame but I found a reason not related to CP but bloody Win10 Firewall ... 

Jerry
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events