I am looking for thoughts on if people have enabled the setting in the Client Configuration for Perform SNI (Server Name Indication) check ? We are migrating VPN technologies and have noticed some traffic occurring outside of the Netskope tunnel when we do not expect it. We believe this setting to be the reason as it indicates that the initial three-way handshake for traffic occurs outside the tunnel to retrieve the hostname. Additionally we have several third-party applications that we use Source IP allowlisting with and believe that this may be causing issues with some of those as well. This was enabled (I believe) during our initial configuration and now want to gather pros and cons of having it enabled/disabled?
Best answer by Fatehd
View original