SSO through bovpn tunnel


Fireware 12.6.2

When i enable SSO through bovpn tunnels, the SSO agent (authentication gateway) starts to send tcp requests on port 445+4116 to **all** bovpn subnets.
I do not want SSO to all my remote subnets as some subnets is not member of my AD domain and i get a lot of denied packets on my remote firewalls as this traffic is not allowed.

If i make subnet exclusions to SSO this does not stop the traffic, so currently i have a policy denying tcp 445-4116 to specific subnets without logging this or else i get tons of logs.

It there a way to stop the SSO agent to send requests to specific subnets?


Sign In to comment.