SSL VPN is used as full tunnel and the requirement is when the VPN is connected with firewall just the local application/network should be accessible.
- Checked the configuration and it was proper
- NO VPN to WAN rule was present hence the WAN traffic was being dropped as expected.
- All websites and pings were dropping on the firewall as expected.
- The issue we are facing is that on telegram application we are still able to send and receive messages.
- Any download or upload is not working, just messages are working.
- Telegram itself is not pinging or telnetting.
- Nslookup also not working.
- Checked routes on the machine itself.
- Tracert also ended on the VPN interface itself.
- Created a VPN to ANY drop rule on the firewall and chedked again.
- Still we were able to send and receive messages.
- Found an IP-address (149.154.167.197) which is used for telegram messenger and I was able to telnet it.
- The same IP is not pingable.
- Took capture while pinging the IP and it was dropping as expected.
- While telnetting it was taking the same rule but it was showing that the tun7 itself was replying.
- In TCPdump also observed the same.
- Took Conntrack entries and there was no out interface and rule also it was taking proper.
- Took capture on port 443 itself to see if the packets were being NATted anywhere and there too in capture it was showing directly tun7 replying.
- Checked routes on the firewall itself.
- From firewall itself the IP was showing route behind WAN.
This thread was automatically locked due to age.