Some of our users are using a client VPN which is configures as a Full Tunnel.
As it is a Full Tunnel VPN, all the traffic is routed to the VPN client. Hence we have added the DNS servers to trusted criteria which will populate when connected to Client VPN & selected the Forwarding Profile in VPN Trusted Network as NONE.
So when the user is connected to client VPN, ZCC identifies it is connected to a VPN Network and goes to DISABLED identifying it as a VPN Trusted Network.
Now the issue here is end-users are able to access all the unrestricted sites on the Client VPN as ZCC is disabled on the system.
Is our configuration correct ? or we can also restrict internet access even though users are using a Full Tunnel VPN?
Please share your thoughts on this.