Hi there
I am wanting to force certain traffic for FQDNs to go over the SSLVPN, and the rest of it can go out a client's 0.0.0.0/0 route to the internet.
The endpoint I want to route for is an AWS CLI IP address at eu-west-1.queue.amazonaws.com. This is the endpoint for the AWS CLI.
I am able to do so successfully by setting up a Hostname in the Local Networks section of the SSLVPN Profile.
However, the issue is that once that Hostname subnet is set up in the SSLVPN profile, every couple of minutes it disconnects VPN users. I assume this is because the Sophos is doing a DNS lookup, and then trying to push out the new IP of the Hostname to the SSLVPN clients.
So technically I am able to route traffic over the SSLVPN using the eu-west-1.queue.amazonaws.com endpoint, but because I am using an FQDN and not an IP address, every few minutes it disconnects users.
If I remove the Hostname/FQDN from the Local Networks of the SSLVPN profile, users connect and remain connected as per normal.
Is there a way to stop this behaviour so that I am able to route traffic to eu-west-1.queue.amazonaws.com across the SSLVPN, and keep allowing the Sophos to resolve the FQDN, as they do change often (and not kick clients off)?
Thanks