Routing difference between SSL Network Extender and mobile client



R80.30 Gaia 2.6.18 Jumbo Hotfix Accumulator Security Gateway and Standalone General Availability (Take 226)

Client : Windows 10.

Noted something weird. The public IP mentioned underneath is one of our own. It's not in any encryption domain.

1. Connected using mobile vpn

An HTTP connection to a specific public IP address works without any problem when using the mobile client. The public IP is routed through the internet. A 'netstat -rn' does not reveal any route forcing it to go through the VPN tunnel. This is expected behaviour.

2. Connected using portal, and using ssl network extender

An HTTP connection to a specific public IP address does not work. A closer inspection reveals the packet is routed inside the VPN tunnel, and then of course blocked on one of our firewalls due to "unauthorized ssl vpn traffic". A 'netstat -rn' reveals a route forcing it to go through the VPN tunnel.

I can't explain the routing behaviour. It's my expectation the routing table should come from the RAS VPN domain, and should be the same for both connecting methods?

If I were you, I would run route print on the client's machine to see the difference.
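
An added example, not part of the thread: one way to compare two saved `route print` captures (one per connection method) and see which route wins for the destination. The route rows, the tunnel interface address and the destination 203.0.113.10 are constructed placeholders, not values from the posts.

```python
import ipaddress

# Constructed rows in the layout of the "Active Routes" section of `route print`:
# Network Destination, Netmask, Gateway, Interface, Metric. All addresses are assumptions.
MOBILE_CLIENT = """\
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
        10.20.0.0      255.255.0.0         On-link       172.16.10.5      1
      192.168.1.0    255.255.255.0         On-link      192.168.1.50    281
"""
SNX = """\
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
        10.20.0.0      255.255.0.0         On-link       172.16.10.5      1
      203.0.113.0    255.255.255.0         On-link       172.16.10.5      1
      192.168.1.0    255.255.255.0         On-link      192.168.1.50    281
"""

def parse_routes(text):
    """Return (network, gateway, interface, metric) for each IPv4 active-route row."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or not f[4].isdigit():
            continue  # headers, separators, IPv6 and persistent-route rows
        try:
            net = ipaddress.ip_network(f"{f[0]}/{f[1]}")
        except ValueError:
            continue
        routes.append((net, f[2], f[3], int(f[4])))
    return routes

def winning_route(routes, dest):
    """Longest-prefix match, with the lowest metric as tie-break."""
    ip = ipaddress.ip_address(dest)
    hits = [r for r in routes if ip in r[0]]
    return min(hits, key=lambda r: (-r[0].prefixlen, r[3]), default=None)

def added_routes(before, after):
    """Routes (network, interface) present only in the second capture."""
    seen = {(r[0], r[2]) for r in before}
    return [r for r in after if (r[0], r[2]) not in seen]

if __name__ == "__main__":
    dest = "203.0.113.10"  # placeholder for the public IP in question
    for name, text in (("mobile client", MOBILE_CLIENT), ("SNX", SNX)):
        net, gw, iface, metric = winning_route(parse_routes(text), dest)
        print(f"{name}: {dest} -> {net} via {gw} on {iface} (metric {metric})")
    for r in added_routes(parse_routes(MOBILE_CLIENT), parse_routes(SNX)):
        print("only with SNX:", r[0], "on", r[2])
```

To use it on real data, replace the two sample strings with the output of `route print -4` saved while connected with each method.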

