Operational Defect Database
BugZero found this defect 669 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA16S000000Jx7dSAC
IPSec Mobile VPN Client v15.04 uses default-route VPN for tunnel traffic by default
Last update date:
8/30/2023
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
12.x
12.8.x
Fixed releases:
All
Description:
Issue
By default, v15.04 of the WatchGuard IPSec Mobile VPN Client uses default-route VPN for tunnel traffic. This forces all traffic through the VPN tunnel (zero routes traffic).The client profiles generated by the Firebox do not include an override for this setting. As a result, if your Firebox is not configured to zero route traffic for your Mobile VPN with IPSec profiles, you will experience phase 2 failures.
Workaround/Solution
To resolve this issue, you must manually edit the profile in the IPSec Mobile VPN Client. Open the IPSec Mobile VPN Client.Select Split Tunnel.Change the selected option from All through the tunnel to According to the remote network table.
