Create a Post
Showing results for 
Search instead for 
Did you mean: 

routine difference between ssl network extender and mobile client



R80.30 Gaia 2.6.18 Jumbo Hotfix Accumulator Security Gateway and Standalone General
Availability (Take 226)

Client : Windows 10.

noted something weird. The public ip mentioned underneath is one of our own.  It's not in any encryption domain.

1. Connected using mobile vpn

A http connection to a specific public ip address works without any problem when using the mobile client.  The public ip is routed through the internet.  A 'netstat -rn' does not reveal any route forcing it to go through the vpn tunnel.  This is expected behaviour.

2. Connected using portal, and using ssl network extender

A http connection to a specific public ip address does not work.  A closer inspection reveals the packet is routed inside the vpn tunnel, and then ofcourse blocked on one of our firewalls due to "unauthorized ssl vpn traffic".  A 'netstat -rn' reveals a route forcing it to go trough the vpn tunnel.

I can't explain the routing behaviour?  It's my expectation the routing table should come from the ras vpn domain.  And should be the same for both connecting methods?

0 Kudos
1 Reply

if I were you, I would run route print on client's machine to see the difference.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events