SSL VPN Remote Access Split Tunnel ?

Question

We have an XG125w firewall with SSL VPN Remote Access setup for a few users to connect in from home. It is currently setup to use split tunneling so Internet access is quick. 
 
 We have 1 hosted application the end users access by going to example123.something.com that is only allowed from our Public WAN IP Address at the office. 
 
 Is there a way to force traffic going to example123.something.com&#160;route over the VPN and out the XG's WAN interface so it is accessible to the SSL VPN Users?

Keyur · Accepted Answer

Hi dtknox Is your server hosted behind the firewall and DNAT configuration is there to access it using public IP from WAN? Please follow the below given steps to achieve your requirements. 1. Find out A record of your domain example123.something.com 2. Add this A record IP address to the Accessible Resource of SSL VPN configuration 
 3. Reimport the SSL VPN client configuration, it will push the A record route to the user system 4. When the user tries to access the URL, it will forward through the VPN tunnel to XG. 5. XG will try to find the route in its local table and unable to find the route and forward the traffic to the WAN zone. 6. Create a VPN to WAN zone rule and web site will be accessible to SSL VPN users in your scenario. 7. If traffic should be sent through a specific gateway, please define that gateway as "Primary Gateway" in VPN to WAN rule.