- Products
- Learn
- Local User Groups
- Partners
- More
What's New in R82.10?
Watch HereWhen the Agents Attack
A Live Look at Agentic Exposure Validation
AI Security Masters E8:
Claude Mythos: New Era in Cyber Security
CheckMates Go:
CheckMates Fest
Hi CheckMates!
Is it possible to assign office mode IP addresses by client type?
For example, Capsule VPN Android users get IP address from one OM pool, SSL Network Extender user from another OM pool, Check Point Mobile users from yet another OM pool, etc.
Regards
rooKing
Not aware of a way to do this at current.
Im 100% positive you canNOT do that.
Andy
The others are correct. If you're looking to differentiate traffic by client type, then Access Roles are your answer here. You can define an Access Role object by client type, and use those in your policy.
For best results, you can also define an access role for your regular users and again use that in your policy. With this, you can remove the "legacy user access" rule for "Vpn_users@any" in the source column AND you can remove the RemoteAccess community from the VPN column. You will use the access roles to control VPN user traffic; either by your client type roles, or your user-identity roles, or both. Your user identity roles can refer to internal/local user, AD/LDAP users, LDAP OUs, AD security groups.... whatever you need.
excellent point!
Not aware of a way to do this at current.
Im 100% positive you canNOT do that.
Andy
The others are correct. If you're looking to differentiate traffic by client type, then Access Roles are your answer here. You can define an Access Role object by client type, and use those in your policy.
For best results, you can also define an access role for your regular users and again use that in your policy. With this, you can remove the "legacy user access" rule for "Vpn_users@any" in the source column AND you can remove the RemoteAccess community from the VPN column. You will use the access roles to control VPN user traffic; either by your client type roles, or your user-identity roles, or both. Your user identity roles can refer to internal/local user, AD/LDAP users, LDAP OUs, AD security groups.... whatever you need.
excellent point!
Thu 09 Jul 2026 @ 10:00 AM (CEST)
Schutz souveräner Workloads: Check Point & die AWS European Sovereign CloudThu 09 Jul 2026 @ 11:00 AM (CEST)
The Cloud Architects Series: Check Point Edge Protection SD-WAN & SASEThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 09 Jul 2026 @ 11:00 AM (EDT)
Tips and Tricks 2026 #9 - What's New with Check Point Email SecurityFri 10 Jul 2026 @ 11:00 AM (IDT)
CheckMates Live Netherlands - Sessie 48: Nieuwe Check Point Workspace SecurityTue 14 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E11: READY OR NOT: Securing the AI Enterprise 3/5 - AI Workforce SecurityThu 30 Jul 2026 @ 10:00 AM (PDT)
AI Security Masters E12: READY OR NOT: Securing the AI Enterprise 4/5 - AI GatewayThu 20 Aug 2026 @ 10:00 AM (PDT)
AI Security Masters E13: READY OR NOT: Securing the AI Ent 5/5 - AI Research & Threat LandscapeAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY