Sonos Connectivity Issues


I am using Watchguard Mobile VPN with SSL client to login to my work server from home via my Windows 10 laptop.

When logged in I cannot control my Sonos system via the controller app on my laptop.

Is anyone able to offer any assitance/advice please?

Is there a setting to enable LAN access?

Thank you!


  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @billyc

    Your work is likely using what's called a full tunnel (also called a forced tunnel, or zero route.) This means that it's forcing all of the traffic from your laptop through the VPN instead of allowing it via the local network.

    I'd suggest opening a ticket with your internal support, and letting them know about your issue. If it works for the services you're using, they may be able to move you to a split tunnel, which only routes traffic related to the resources you're accessing via the VPN.

    -James Carson
    WatchGuard Customer Support

  • Would static routes on the home computer override the full tunnel? Just a SWAG here!

    Gregg Hill

  • james.carsonjames.carson Moderator, WatchGuard Representative

    The default route would override them because it'll end up on top of windows route table. Fussing with it might get it down the list, but it wouldn't be consistent. If you have admin you can actually write a script to "route dele" the zero route and "route add" what you want -- but again, don't know why it's set up that way in the first place. There's also no way to automate via the VPN client, so I'd consider that advanced.

    Moving over to specified routes on the VPN would probably be best, but without input from the IT admins there, there's no way to tell why they're on a full tunnel in the first place.

    -James Carson
    WatchGuard Customer Support

  • Split tunnel is a security risk as the VPN client device can be connected to the Internet and to resources behind the firewall at the same time.
    If the client is owned by an attacker, then when the VPN client device is connected, that attacker would have direct real time access to the resources behind the firewall.

Sign In to comment.