AnsweredAssumed Answered

Remote Access VPN/App+URL Policy Enforcement when split tunneling is disabled

Question asked by Juan Concepcion on Mar 22, 2018
Latest reply on Mar 26, 2018 by Dameon Welch-Abernathy
  • Comment3

R80.10 Manager

R80.10 VSX with handful of virtual systems

 

1 Virtual System is handling Endpoint Security VPN:

  • Allow to route through gateway is set
  • Route through gateway is forced via global properties settings
  • ipchicken confirm public ip is that of gateway
  • Rule that reads:
    • src: vpn_pool
    • dst: Internet
    • URL Category attempting to block
    • Action Block/UserCheck Message

 

Issue: App/URL Policy is not applied to these users even though they are routing through gateway, is this expected behavior? 

Juan Concepcion
Juan Concepcion Mar 26, 2018 5:56 AM
Correct Answer

Turns out it was rule order.  There was a rule that was set to inspect for content with source of any and it was getting hit first even though remote access rule and subsequent rule to block certain content were after this rule was catching on first rule.

 

--Juan

See the reply in context
No one else had this question

Outcomes