Hi all,
I need a clarify on how Location Awareness works with Endpoint Client.
Currently i've an HA Pair of CP that will only server for SSL\IPSec Endpoint (using alwasy-on and machine authentication), so the main goal is to avoid client connection when a laptop will be into our Office.
The first option, to check if a client is connecting to an internal interface, is not feasible because as i've said this cluster it's on our DC and cannot be reached to a private interface from the office, but just over a site-to-site VPN. Third option of DC also is not a good solution because we are passing all Active Directory stuff over VPN. So i've configured the second option, added our office and DC subnet to internals network (and also specified our Wifi SSID).
Because we are still in smart-working (and cannot have access to office), i've setup a new SSID at my home using one of the subnet of internals network specified on SG. Then i've disconnected manually the VPN client (using "trac disconnect"), then connect again but it looks like that the source subnet is not considered as internal but just as external.
Do I need to add also the public IP inside the internals network?
Thanks in advance