Troubleshooting Tip: Unable to reach local network after adding in the SSL VPN portal

The user belongs to both the full-access and admin portals in the SSL VPN configuration. Within the full-access local network, which is not advertised, user matching grants full access before matching the admin portal.

Non-working: user is part of both portals.

[188:root:bf8d81d]fsv_saml_auth_group:348 find a remote match group: 3dc6caa8-1435-4698-a448-9b417b5cc41b, portal: Admins, <------------ group: VPN_MFA_ERP.
[188:root:bf8d81d]saml login [188:200857629] SAML_WARN: Found a remote match group.'3dc6caa8-1435-4698-a448-9b417b5cc41b' matches group
'VPN_MFA_ERP'
[188:root:bf8d81d]fsv_saml_auth_group:348 find a remote match group: 62c74181-f6e2-4ee4-8f09-22d3bd8673b7, portal: full-access, <------------ group: Azuremfavpn_GRP.
[188:root:bf8d81d]saml login [188:200857629] SAML_WARN: Found a remote match group.'62c74181-f6e2-4ee4-8f09-22d3bd8673b7' matches group
'Azuremfavpn_GRP'

=====

Working: after removing the user from the Full-Access portal:

[188:root:bf8d06e]fsv_saml_auth_group:348 find a remote match group: 3dc6caa8-1435-4698-a448-9b417b5cc41b, portal: Admins, <---------- group: VPN_MFA_ERP.
[188:root:bf8d06e]saml login [188:200855662] SAML_WARN: Found a remote match group.'3dc6caa8-1435-4698-a448-9b417b5cc41b' matches group
'VPN_MFA_ERP'
[188:root:bf8d06e]fsv_saml_auth_group:348 find a remote match group: 7f80a8f2-a0de-40af-b950-ded6a0a20b25, portal: Admins, <------- group: VPN_MFA_ICT.
[188:root:bf8d06e]saml login [188:200855662] SAML_WARN: Found a remote match group.'7f80a8f2-a0de-40af-b950-ded6a0a20b25' matches group

Solution:

Remove the user from the full-access portal to gain full access to the local network.