Yes it does
i have 2 interfaces setup on controller
1 - internal IP on 10. Range doing inside traffic and management
2 - external public IP (which gets NAT’d by our external firewall doing the outside traffic to the internet
i have 2 routes ... all of the 10 internal address space goes inside and everything else goes out to the internet.
Our VPN works fine and there’s no issues with it. We just have 2 problems; when users are on LAN the VIA client thinks it’s on a untrusted network.
we also have a problem where we add ‘certificate criteria’ to the profile and it ignores this and still shows all our certificates for users to choose from instead of the criteria we add to filter them