R80.10 Manager
R80.10 VSX with handful of virtual systems
1 Virtual System is handling Endpoint Security VPN:
- Allow to route through gateway is set
- Route through gateway is forced via global properties settings
- ipchicken confirm public ip is that of gateway
- Rule that reads:
- src: vpn_pool
- dst: Internet
- URL Category attempting to block
- Action Block/UserCheck Message
Issue: App/URL Policy is not applied to these users even though they are routing through gateway, is this expected behavior?
Turns out it was rule order. There was a rule that was set to inspect for content with source of any and it was getting hit first even though remote access rule and subsequent rule to block certain content were after this rule was catching on first rule.
--Juan