Adding security policies

Go to Policy & Objects > Addresses and create a new address for the local network.
Set Type to Subnet.
Set Subnet/IP Range to the local subnet.
Set Interface to lan.
Go to Policy & Objects > IPv4 Policy to create a security policy to allowing access to the internal network through the VPN tunnel interface.
Set Incoming Interface to ssl.root.
Set Outgoing Interface to lan.
Set Source to all and to the Employees user group.
Set Destination to the local network address.
Set Service to ALL.
Enable NAT.
Add a second security policy allowing SSL VPN access to the Internet.
If you allow split tunneling, this policy is not required.
For this policy, set Incoming Interface to ssl.root.
Set Outgoing Interface to wan1.
Set Source to all and to the Employees user group.

Go to Policy & Objects > Addresses and create a new address for the local network.

Set Type to Subnet.

Set Subnet/IP Range to the local subnet.

Set Interface to lan.

Go to Policy & Objects > IPv4 Policy to create a security policy to allowing access to the internal network through the VPN tunnel interface.

Set Incoming Interface to ssl.root.

Set Outgoing Interface to lan.

Set Source to all and to the Employees user group.

Set Destination to the local network address.

Set Service to ALL.

Enable NAT.

Add a second security policy allowing SSL VPN access to the Internet.

If you allow split tunneling, this policy is not required.

For this policy, set Incoming Interface to ssl.root.

Set Outgoing Interface to wan1.

Set Source to all and to the Employees user group.