Hmm I don't see logs anymore but I did enable split tunneling and manually specified the encryption domain.
I do have a firewall rule that should allow this traffic...
Src: office mode network
Dst: FW
Services: SSH and webUI port
I am able to access the webUI and I see accept and decrypt logs for this traffic from my office mode IP to the internal IP of the firewall.
When I try to SSH I don't see logs. I do see drops in the zdebug. It shows this connection being dropped but the weird thing is the source is my external IP trying to hit destination of the external IP of the firewall.
Shouldn't this traffic be hitting the same rule that allows webUI access?