Someone told me that if my device communicates with a server on Internet via VPN connection or HTTPS, all the contents that I have sent can be sniffed and decrypted by the UTM device (or more functional devices) in the LAN which I located at. In other words, administrator of the UTM device can easily get all he wants to know about what I have sent. This confused me. I think that the contents sent via VPN or HTTPS should be encrypted so that even the administrator of LAN should not be able to know the contents. Am I wrong about this? Moreover, if this is true, how can they do it?
Many thanks.
