Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 8 replies
  • Subscribers 27 subscribers
  • Views 10838 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Split tunneling exceptions?

svk253

We have a site that users access from our internal network, that restricts access based on the Public IP our clients are coming from. That public IP is what is shown when clients connect while in the office.  The problem is, when they are connecting through the VPN from their home, their public IP shows up, and so that site denies them. They MUST come from our public IP.

Do I have to turn off split tunneling or is there a way to force a site to go through the tunnel? When I do 'what is my ip' from a workstation connected via VPN it gives me the IP of whatever network I'm on (i.e. Comcast or something). 

I hope that makes sense. Thank you for your time.



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to svk253

    I would think it would make more sense to just turn on the default gateway option, vs sending Any traffic over the tunnel.

     

    Can you see the traffic hitting the web server from the SSL VPN connection?

    If you are able to connect to the web site, within your network, are you going out the same connection as the SSL VPN is going out (after routing back through the XG)?

    It isn't using a non-standard port is it?

  • 0 in reply to Derek Lechner

    I just did a packet capture and saw that it was getting a firewall violation. We have a firewall rule LAN to WAN but the VPN isn't allowed in there.  Any reason there shouldn't be a VPN > WAN rule? I added it and things work now.

    I appreciate your help. I think I worked it out so we can keep split tunnel on.