SSL VPN and Outlook Trying to connect

2»

Comments

  • edited June 2020

    So I upgraded my fire cluster to 12.5.3 U1 build 6210990 and the problem came back. I had to go ahead and run the cli command again sslvpn resource default-route-client

    Now I wonder, did this setting go away because I upgraded or because the firecluster master is different now?

    Also, how do I check the status to make sure the default-route-client option is still enabled? Is there a cli command for that?

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @phanaaekIT

    There isn't a option to see the status of this command -- you'll just need to run it again and apply it if you want to double check.

    The setting change should survive any upgrade or reboot, so there may be another factor that made it revert (like an old policy manager config, or the cluster not syncing configurations for whatever reason.)

    Without log data from that time, it's difficult to pin down an exact reason. If you'd like to explore the data a bit more, I'd suggest opening a support case to do this.

    -James Carson
    WatchGuard Customer Support

  • I made the (Option 2—Manually Configure a Default Gateway on a Windows Client) change that Bruce_Briggs suggested and it works, my colleagues and me can now use Outlook365 while connected with SSLVPN! Many thanks!

  • @NickO said:
    I made the (Option 2—Manually Configure a Default Gateway on a Windows Client) change that Bruce_Briggs suggested and it works, my colleagues and me can now use Outlook365 while connected with SSLVPN! Many thanks!

    Using the CLI command is a far better option. It covers all current computers and any future computers that connect without having to touch each computer.

    Gregg Hill

  • @Greggmh123 said:

    @NickO said:
    I made the (Option 2—Manually Configure a Default Gateway on a Windows Client) change that Bruce_Briggs suggested and it works, my colleagues and me can now use Outlook365 while connected with SSLVPN! Many thanks!

    Using the CLI command is a far better option. It covers all current computers and any future computers that connect without having to touch each computer.

    It also reverts back when the SSL VPN client is updated on the client computer which might happen next time you update the firebox if it includes a new client.

  • @phanaaekIT said:

    @Greggmh123 said:

    @NickO said:
    I made the (Option 2—Manually Configure a Default Gateway on a Windows Client) change that Bruce_Briggs suggested and it works, my colleagues and me can now use Outlook365 while connected with SSLVPN! Many thanks!

    Using the CLI command is a far better option. It covers all current computers and any future computers that connect without having to touch each computer.

    It also reverts back when the SSL VPN client is updated on the client computer which might happen next time you update the firebox if it includes a new client.

    To be clear, "it also reverts back" means the SSLVPN client reverts the gateway. Updating the SSLVPN client has no effect on the CLI setting in the firewall.

    Gregg Hill

Sign In to comment.