Just wanted to see if other persons in the world have this problem.
And it is strange ....
AutoVPN between two networks (nothing fancy as such), all good, except when we try to reach, for example, a https service on the other end.
The TCP handshake to the server is just fine (so nothing is blocked by an ACL) but then, when the cert is sent, it disappears somewhere in the MX. We can see the packet going into the LAN interface, but nothing received on the other end, or in the tunnel.
Now here is the funny part, if we then whitelist the server (Group policy Allow list / Whitelist on the client page) everything works.
IPS would be the first thing we would look at, but nothing shows up as blocked in IPS, and disabling IPS does nothing, only "allow list / whitelist".
Have anyone seen that before ?
/Thomas