Systems Manager Sentry VPN security

C1Meraki

Hello

 

Trying to do Systems Manager Sentry with iOS + Android devices. VPN settings push to device. Device can authenticate. But device cannot access email while the VPN is enabled. I noticed the setting under the MX > Client VPN page called "Send all traffic" under the Systems Manager VPN Security section. I want the client VPN for Systems Manager clients to be split-tunnel. However, I have no way of knowing what subnets are split-tunneled and if this is even working. Windows 10 clients not managed by Systems Manager are working fine through client VPN, so I'm pretty sure it isn't a firewall rule issue. Our MX network is a 10.1.0.0/24 subnet - so is it safe to assume the Systems Manager devices are only split-tunneling the 10.1.0.0/24 subnet? Or is it just not working at all...

bmehta
Meraki Alumni (Retired)

Hello @C1Meraki 
I believe for split tunnel, if the option to send all traffic through the VPN isn't checked, then the traffic just follows the client's routing table, and if there are no routes specifying that traffic go through the VPN adapter, then nothing will go over the VPN. In the "send all traffic over VPN" checked scenario, basically all traffic is sent over the VPN interface.
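
The routing behaviour described in the reply above, as an added example that is not part of the original thread: a longest-prefix-match lookup over three constructed client routing tables, showing which destinations leave through the VPN adapter. The interface names (`vpn0`, `wlan0`), metrics, sample addresses and the assumption that only 10.1.0.0/24 is pushed as a VPN route are hypothetical; the thread does not confirm which routes Systems Manager installs.

```python
import ipaddress

def select_interface(routes, destination):
    """Pick the egress interface: longest matching prefix, then lowest metric."""
    dest = ipaddress.ip_address(destination)
    matching = []
    for prefix, metric, iface in routes:
        net = ipaddress.ip_network(prefix)
        if dest in net:
            matching.append((net.prefixlen, -metric, iface))
    if not matching:
        return None
    return max(matching)[2]

def tunneled(routes, destinations, vpn_iface="vpn0"):
    """Map each destination to True if it would be sent over the VPN adapter."""
    return {d: select_interface(routes, d) == vpn_iface for d in destinations}

# Constructed routing tables: (prefix, metric, interface). Assumed values.
SPLIT_TUNNEL = [            # "Send all traffic" unchecked, one VPN route present
    ("0.0.0.0/0", 10, "wlan0"),
    ("192.168.1.0/24", 10, "wlan0"),
    ("10.1.0.0/24", 5, "vpn0"),
]
SPLIT_NO_ROUTES = [         # "Send all traffic" unchecked, no VPN routes at all
    ("0.0.0.0/0", 10, "wlan0"),
    ("192.168.1.0/24", 10, "wlan0"),
]
FULL_TUNNEL = [             # "Send all traffic" checked: VPN default route wins
    ("0.0.0.0/0", 10, "wlan0"),
    ("0.0.0.0/0", 1, "vpn0"),
    ("192.168.1.0/24", 10, "wlan0"),
]

# Constructed destinations: a host on the MX subnet, a host on another
# internal subnet, and a public address (documentation range).
DESTINATIONS = ["10.1.0.25", "10.2.0.25", "203.0.113.10"]

if __name__ == "__main__":
    for name, table in [("split", SPLIT_TUNNEL),
                        ("split, no VPN routes", SPLIT_NO_ROUTES),
                        ("full", FULL_TUNNEL)]:
        print(name, tunneled(table, DESTINATIONS))
```

If the mail server sits on an internal subnet other than the one routed to the VPN adapter, the split-tunnel table sends that traffic out the local interface, which matches the symptom of authentication succeeding while a service stays unreachable.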
