One of our help desk analysts working remotely asked why he was unable to use remote administration tools to assist end users also connected to the GP gateway. I'm not able to find a definitive answer in the docs and KB, but I expect this is by design. Can anybody confirm this, and is there a mitigation besides providing support staff with a virtual desktop on the inside LAN for administrative tasks?
If you permit the access on the firewall security policy, then it's possible to facilitate a connection between two GP clients.
Check your firewall logs for blocked traffic.
That traffic isn't even making it far enough to have security rules applied. We have our VPN subnets in their own zone and no intrazone traffic is being logged.
But, looking at the routing table, I only see a /32 for my own GP IP address. Subnets in my split-tunnel address group appear with the agent virtual IP as the next hop. That suggests that I may need to add the client address block to the split-tunnel.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!