- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-04-2022 01:27 AM
Background information
Where I’m currently living right now in a apartment complex there is a central internet network that I do not have access to these devices(Ubiquity). Lately I’ve been working a lot from home and sometimes I need to connect through VPN to clients networks to provide support. Most of the client’s VPN work fine from home except one. When I try to connect it basically times out. If I use my phone as a hotspot this VPN works perfect without any single issue at all. I tried at several other locations (outside my home network) and it works as expected.
The current situation
What I’m using to connect to this VPN is the Mac OS . The VPN Type global protect. So global protect connected properly and it taking ip from ip pool. split tunnel is configured . but issue is internal resources and internet( from google any site ) not accessible.
The problem
We checked in routing table of macbook ,When I try to connect Mac OS Built-in Global Protect VPN client instead of passing the traffic through the tunnel(utunX) it passes it through the regular WiFi interface(EN0). No matter what I tried it couldn’t get the traffic to pass through the tunnel. I have deleted route all route which was showing in mac routing table but after some time it reflected automatically. With this command we deleted route "sudo route -n delete x.x.x.x "
.
03-04-2022 06:47 AM
Sounds like your local IP range configured at your apartment conflicts with the IP range that client is using. When local network resource access is enabled on a split-tunnel configuration that overlaps, you'll see this type of behavior.
Since you are unlikely to get your apartment complex to make any changes, I would contact the client in question and see if they couldn't possibly give you your own client config to work around the issue.
02-09-2023 01:33 PM
If you're using Zscaler Client Connector, we have seen that application modify the injected routes and point them to the wrong next-hop interface. Disabling ZCC fixes the issue. It takes anywhere from 1 second to 2 hours after enabling ZCC before the routes get trashed.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!