Why is SSL-VPN answering on different secondary IP Addresses?

I have the following IP's assigned by my ISP: Internet Gateway Internet access Secondary network IP, not in use Configured as the external IP for inbound SSL-VPN access Secondary network IP, not in use not in use
My users can connect with SSL-VPN to IP but I'm also able to connect with the .3 and .5 addresses. The address is the only one specified in my SSL-VPN configuration, there is no backup address specified. Is this expected behavior or am I doing something wrong?

Best Answer


  • Options

    The default setting for the auto-created WatchGuard SSLVPN policy From: field is Any-external, not a specific external IP addr.
    If you want to limit the SSLVPN clients to only access desired IP addrs, then you need to modify the WatchGuard SSLVPN policy From: field as desired.

  • Options

    Bruce, I tried that. I set the From: field to be IP address After that I could not connect at all.

  • Options

    What do you see in Traffic Monitor when you try the connection now?

  • Options

    That fixed it. Thanks Bruce.

Sign In to comment.