Relay autoselect over VPN tunnels

(imported topic written by rmnetops91)

Greetings,

Here is what we want to do. Currently we have our main BES server and our failover relay on the same subnet, remote relays at regional subnets for remote users, and a DMZ relay for mobile laptops on the Internet.

Currently when our mobile laptops are connected to our network over VPN (split tunneling), the laptops still communicate with the DMZ relay. We want to force the laptops to communicate over the VPN tunnel to an internal relay, anytime they are connected (such as the failover relay or one we define, but one on our internal network).

All of the laptop VPN connections have an IP address in the same subnet, dedicated for VPN connections.

Has anyone been able to automate an autorelay select function at the laptop upon a VPN connect/disconnect?

Any ideas that don’t require a lot of overhead to maintain?

(imported comment written by SystemAdmin)

We have done something like this. The way we did it was to block the VPN client traffic from being able to get to the DMZ relay. Would that work for you?

Additionally, we have a task that sets the client to polling mode when it’s off network and trying to connect to the DMZ relay.

(imported comment written by rmnetops91)

Thanks for the info. That worked. On the DNS server used by our VPN clients, I simply gave the DNS record for our DMZ relay a bogus/unused internal IP address. This forced the clients to start using the internal relays.

How did you get the client to dynamically switch into polling mode when off the network? Currently we just have our laptops statically set with command polling every hour.

(imported comment written by SystemAdmin)

We have a task where the clients evaluate the name of the registration server. If it equals the external IP address of our DMZ relay, we switch to polling mode.