DNS request for internal resources

Question

Hello everyone, I need to get some SSL VPN users to a server with a local URL ("">">http://myurl.local"). The steps I followed: 1) My Xgs2300 has the two domain controllers and google's dns as its dns server 2) Configured a VPN policy only for these users (use as default gateway off) 3) Configured a DNS host entry 4) In my SSL VPN GLOBAL setting I entered the ip of the LAN port of my firewall as primary DNS (I would like to avoid dns queries towards the two domain controllers) Everything works but by doing so the VPN users can also reach the "4444" port of the Firewall webadmin. I would like to block the accesses of these users only to the DNS service of the LAN port but I can't. 
 Any suggestion? 
 Thank you

jprusch · Answer

Hello, 
 all you got to do is disable &bdquo;HTTPS&ldquo; under Admin services at Administration/Device access . There is a matrix where you uncheck that service for the VPN zone..

jprusch · Answer

Hello, 
 I would use a jumphost for this purpose.