Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Explorer

Remote access clients receiving routes not in remote access encryption domain

Hello everyone,

we are running an environment with 2 clusters MEP R 80.1 internet gateways offering remote access connectivity via Endpoint Connect and SNX.

We started having an issue which i find strange, Normally when clients connect via remote access, they obtain office mode IPs and the networks on the remote access encryption domain are published to the clients routing table.

 

However, what we have seen is clients routing table getting populated with IP's that are not part of the remote access encryption domain, including whole public ip ranges like 12.0.0.0/16. These additional routes are dropped at the gateway because they are not part of the remote access encryption domain. 

 

 This has led many remote access users not being able to access the internet resources while connected via remote access. 

 

If any one have experienced this kind of issue and how to resolve.

0 Kudos
3 Replies
Highlighted
Leader
Leader

Are you sure you‘re using the remote access encryption domain? Maybee something changed and you use too the normal encryption domain for remote access.

Are the routes on the clients only shown If connected ?
Wolfgang

0 Kudos
Highlighted
Explorer

Hi Wolfgang,

 

The routes on the client only show when connected, yes.

0 Kudos
Highlighted
Champion
Champion

Looks like a MEP missconfiguration issue - see sk105638, sk92676, sk42164...

0 Kudos