cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Exclude Subnet


I don't want to configure split tunnel on the security gateway, I was wondering how I can exclude my subnet from full tunnel setup, is there any options?

11 Replies
Admin
Admin

Re: Question- Cant Access Local VMs when on VPN

Let's put this in the Remote Access‌ section where it belongs.

Looks like you can achieve what you're after by following this SK: Cannot exclude local network when connected to Remote Access VPN via Hub Mode 

Re: Exclude Subnet

Thanks Dameon, I followed your SK but it didnt help.

When ever I try to access a local resource (local VM on my PC), the traffic is still being sent through to SG.

I am trying to find a solution where i can have split tunnel enabled for my VPN (exclude local subnet going through SG which is enabled for hub mode) 

0 Kudos
Admin
Admin

Re: Exclude Subnet

Perhaps there is an error in the SK or there is a different issue.

Have you opened a TAC case?

Contact Support | Check Point Software 

0 Kudos

Re: Exclude Subnet

I have not as I dont have support contract with CP.

I there any solution where i can have split tunnel enabled for certain users on Checkpoint and other users will have to go through SG which is configured for Hub Mode?

0 Kudos
Admin
Admin

Re: Exclude Subnet

As far as I know this is a global setting.

That means either all users can do it or none can.

Did you modify trac_client_1.ttm as described in the SK?

Your partner (or whoever you have a support contract they) should be able to open a ticket with us as needed.

0 Kudos

Re: Exclude Subnet

Thanks Dameon

Is there any other option other than sk121766, to exclude local subnet from going through security gateways which is configured for HUB mode.

 I want to have split tunnel enabled for only specific users and other users I they will have to go through SG which is configured for Hub Mode?

Is it possible to configure split tunnel for some and full tunnel for other users ?

0 Kudos
Highlighted
Admin
Admin

Re: Exclude Subnet

As far as I know the settings apply to all users connecting to a given gateway but will double-check.

0 Kudos

Re: Exclude Subnet

thanks

Admin
Admin

Re: Exclude Subnet

Looks like you can configure the TTM file per group.

In fact, the exact scenario you want is described in the following SK: Remote Access clients configuration based on group membership 

Re: Exclude Subnet

Thanks Smiley Happy

0 Kudos
rajesh_s
Nickel

Re: Exclude Subnet

Hi Jessica,

Did you got the solution  for remote access vpn tunnel requirement?.

0 Kudos