We do have a couple basic rules for the individual Z3s. Users are only permitted to use company devices with their teleworker appliances. The behavior I'm seeing seems more like a routing issue than Site-To-Site VPN rules. For example, I've noticed that even though we have IPV6 turned off internally, once the Z3s do sync up and start passing traffic, IPV6 routes show up in the routing tables as routes between the Z3 networks. I don't know if that has any bearing on anything, nor do I understand why they are established since we only use IPV4.
... View more
