JSAM will pick up traffic that is sent to internal resources from the client outside of the SSLVPN session. If a packet capture is taken from the client and you see a call to your 192.168.x.x address in it, you can configure JSAM to intercept this traffic. If, instead, all you see is https traffic, then JSAM can still be used, but you'll have to do a rewriting trick. What I do if I want to bypass the rewriting engine on the IVE is I create a "do not rewrite and redirect to target server" rewrite policy for the internal resource. So for 192.168.x.x, the traffic from the client will be directed out of the VPN session. You can now configure JSAM to intercept that traffic and redirect it back through the IVE, unrewritten. You could also try passthrough proxy for the internal host. This essentially does the same thing, but for some really finicky applications, I find the above configuration to work best.
... View more