Internal-web-traffic-http-https-over-sophos-connect-vpn-cisco-anyconnect-vpn-using-native-android-9-vpn-client - TAKE 2

Hi keen v18 testers :)

I posted an issue a few weeks here

(I wont cut and paste) 

Noticed the behavior just after updating to v18 - thought I had it solved as a NAT migration problem, but the issue of native Android VPN client not working with Https/Http traffic has returned.  Works perfectly fine for Apple native VPN client using Sophos Connect.  Can still Ping and Tracert to internal hosts via Android VPN client so the routing is fine.     


Currently running SFOS 18.0.0 EAP1 - Refresh1


It appears that the stateful firewall is kicking in with invalid traffic, but I'm still wondering if it might be certificate pinning on the Android phone or some other weirdness.   


I thought this was worth reporting - not a massive issue, just find it strange and hope some others might be able to point me in the right direction to try and track down the root cause.


Thanks in advance