Comments

• While this is failing, packet monitor showed dropped dns requests from X2 interface ip 192.168.50.1 which is the subnet not being nat'd on the tunnel. Both subnets (nat'd and not nat'd) are set in the vpn policy config as a network group but vpn traffic rules were created only for the X0 subnet under the Rules -- NAT…

  in split dns proxy traffic dropped when nat policy applies on an ipsec vpn tunnel subnet Comment by square March 2023