SSL VPN No Internet Access!

WG M200, Current Version: 12.0.1

The problem is the following, when establishing the SSL VPN connection with the client, the connection is established but without access to the local internet. The computer's operating system is Windows 10. How can I maintain the SSL VPN connection and use the internet locally?


  • Options

    You need to change your SSLVPN setup on the firewall not not force all traffic down the VPN tunnel.
    Note that this is less secure than forcing all traffic down the VPN tunnel.

  • Options

    I made the change and it worked, thanks

  • Options

    I just want to be sure that you know about the weakness of your solution. When you use SPLIT Tunnel setting your user can route traffic from anywhere into your VPN.
    The better solution is to force all the traffic to the firewall. After that, you have to add a NAT rule for your SSLVPN under Network -> NAT -> Dynamic NAT.
    In this way your Clients are protected by the firebox.

  • Options

    It is not clear that the issue posted is related to a Dynamic NAT entry.

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    @THilgertBO Additionally, if the customer is using an RFC1918 address, the traffic will be NAT'ed by the default NAT statements. You only really need to add one if they've been modified or you're using a non-RFC1918 address range.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.