Log in

Sangfor Support Center

Table of Contents
< All Topics
Print

[IAG] Enable VPN disconnection after using admission policy

Posted
Updated
Byadmin
Views2

Problem Description

The problem PC has access policy enabled. After turning on VPN, the network is intermittent. It returns to normal after disabling access.

Process——

  1. Check that there is no problem with the Internet access policy
  2. Enable data pass-through for users, capture packets at the device LAN port, and enable VPN testing
  3. After VPN is turned on for a few minutes, the direct log shows access packet loss. Combined with the data packet analysis, the heartbeat packet is indeed not received.

Root cause

After VPN is turned on, the heartbeat packets of the PC and IAG devices enter the VPN tunnel, resulting in failure to detect access and disconnection from the network.

solution

You can solve this problem by writing a static route on the PC, or by changing the IAG address to a network segment not published by the VPN client.

Original Link

https://support.sangfor.com.cn/cases/list?product_id=22&type=1&category_id=6325&isOpen=true