Hey @Andy
it is not about the same issue! printing issue on vpn client has been resolved.
To summarize the solution of the printing issue while vpn client connected
1. Continued as it is, On gateway Cluster ---VPN Client ---Remote Access --Hub mode ---enable Allow VPN Clients to route traffic through this gateway
2. Continued as it is, On Global properties ---Remote acess-endpoint clients---Route all traffic to gateway---Yes
3. Office Mode network enable hid nat---This is very important
4. Endpoint Security Client under Sites > Properties > Settings: Do not route traffic for local network to the gateway
to make Do not route traffic for local network to the gateway,I put the files below in the security gateway steps (On both firewalls cluster memeber)
[Expert@MYCUSTOMER-EFW-01:0]# pwd
/home/admin
[Expert@MYCUSTOMER-EFW-01:0]# cd /opt/CPsuite-R81.20/fw1/conf/
[Expert@MYCUSTOMER-EFW-01:0]# ls
ADRealatedSchema.xsd
ADRealatedSchema.xsd.C
AMT.conf
AWS_regions.conf
Azure_environments.conf
CPver2ICSver.C
ClusterCopiedAttributes.C
ConversionCache
Credits.txt
DAIP_RS_Database.NDB
DaipCpdList.NDB
DejaVuSansCondensed-Bold.ttf
DejaVuSansCondensed.ttf
FileTypesResponse.xsd
GeoIPASNum2.csv
GeoIPASNum2v6.csv
GeoIPv6.csv
IdentityAwarenessSchema.xsd
ImagesResponse.xsd
InternalCA.C
IpToCountry.csv
LocalGWSetMap.json
LocalSetMap.json
MVS_Default.W
MobileDevices.xsd
MobileDevices.xsd.C
NAC_AGENT_VERSION.txt
ObfuscationInfo.txt
Oracle_regions.conf
PA
PA.cps
ParserDynamicAttacksTemplate.C
PrvnDbConfigFile.C
RealmsSchema.xsd
Redirect.pxy
RulePerformanceSchema.xml
Rulebase_classes.xsd
Rulebase_classes.xsd.C
SMC_Files
SessionUtilConf.xml
SignatureResponse.xsd
SmartConsole_interaction_objects.C
SplatPortal.xsd
TeSupportedAntexProcesses.xml
TeSupportedFileTypes.xml
TeSupportedImages.xml
TpConfInfinityModeMap
TpConfNoneModeMap
TpConfTraditionalModeMap
TrackerTree.C
UpgradeConf
UserCheck.xsd
UserCheck.xsd.C
VPNPlgSchema.xsd
VPNPlgSchema.xsd.C
VR_Default.W
WebQueryCache
XML
ZeroPhishingSchema.xsd
__StatefulPolicy__.W
ad_branches_sqlite_schema.C
ad_groups_sqlite_schema.C
ad_machines_sqlite_schema.C
ad_query_profiles.C
ad_users_sqlite_schema.C
additional_hardware.C
adlog.networks.exclude.C
adlog.users.exclude.C
adlog_domainname.dbida
adlog_muh.dbida
adlog_muh.dbidl
adlog_servacc.dbida
adlog_servacc.dbidl
admin_perm.C
ahclientd
allow_all.W_vpnddcate
am_profiles.C
am_protections_override.C
am_protections_override_sql_table.C
amon_fw.conf
amon_polsrv.conf
amon_vsx_refresh_interval
amz_classes.C
anti_malware.xsd
anti_malware.xsd.C
anti_malware.xsd.C.BC
anti_malware_exceptions.C
anti_malware_rulebase.C
anti_malware_rulebase.xsd
anti_malware_rulebase.xsd.C
anti_malware_rulebase_rules.C
anti_malware_rulebase_rules_sql_table.C
anti_malware_rulebase_sections.C
anti_malware_rulebase_sections_sql_table.C
anti_malware_rulebases.C
anti_malware_rulebases_sql_table.C
anti_malware_status_config.xml
antimalware_misc.C
antimalware_overview.C
antimalware_statistics.C
antispam_classes.C
appfw.xsd
appfw.xsd.C
appfw_misc.C
appfw_objects.C
appfw_objects_table.C
appi.cps
appi_status_config.xml
application_control_top_tables.C
application_control_top_tables_classes.C
application_control_top_tables_classes.xsd
applications_entitlement.C
applications_entitlement.C.orig
arial.ttf
arialbd.ttf
arialbi.ttf
ariali.ttf
armada
asm.cps
asm.lf
asm_params.C
authentication_objects.C
av_hash.eng
av_hash_prm.eng
avi_block_msg.html
avi_cvpn_block_msg.html
avi_cvpn_virus_msg.html
avi_license_msg.html
avi_virus_msg.html
base_fields.C
basic_rulebase_types.xsd
basic_rulebase_types.xsd.C
basic_types.xsd
bd_lock.pid
blades.cps
block_all.W_vpnddcate
broker_info
bypass_extensions_list.txt
ca.cps
calibri.ttf
calibrib.ttf
calibrii.ttf
calibril.ttf
calibrili.ttf
calibriz.ttf
central_license.cfg
certificate_services
changed_rules.C
ci.cps
ci_www
cihs.conf
ciu_lic.C
classes.C
classes.C_sp0
classes.C_sp1
classes.C_sp2
classes.C_sp3
classes.C_sp4
classgen_scheme.C
cluster_sync.conf
cmi_loader_ignore_lss_list
cmi_loader_pattern_info_db.json
commands_classes.C
components_reg.conf
connection_pipelining.conf
connection_pipelining_params.conf
connectra_classes.C
connectra_global_properties.C
connectra_policy.C
content_security.C
content_security_classes.C
countries.C
cp.lf
cp_services.C
cp_services_settings.C
cpext.cer
cpfc_status.C
cpha.conf
cpha_bond_ls_config.conf
cpha_global_pnotes.conf
cpha_specific_vlan_data.conf
cphaprob.conf
cphaprob.conf_clean
cpinfo_vpn1.conf
cplog_conf.C
cpmEnvVars.conf
cpm_doctor_checks.xml
cpmanifest.signed
cpmi_main_db_cfg.C
cpncs.cmdset
cpsc
crash_server.crt
crls
data_files.C
databases.C
db_sync-policy.xml
db_template
dbsync_config.C
defaultDatabase
defaultDatabaseForCma
default_asm.C
default_content_security.C
default_file_types.C
default_mime_types.C
default_objects.C_sp0
default_objects.C_sp1
default_objects.C_sp2
default_objects.C_sp3
default_objects.C_sp4
default_stat_table.xml
default_thresholds.C
defaultfilter.fwrl.conf
defaultfilter.pf
deny_lists
dle2cpmi_old.bat
dle_query_manager.xml
dle_schema.xsd
dlp.cps
dlp.xsd
dlp.xsd.C
dlp_block_gmail_msg.html
dlp_block_hotmail_msg.html
dlp_block_msg.html
dlp_block_self_approval_msg.html
dlp_data_Set2Sql_table.C
dlp_data_tbl.C
dlp_data_types_mapping.conf
dlp_status_config.xml
dlp_web_apps.conf
dlpda.cps
dlpda_status_config.xml
ds_diagnostics.conf
ds_irq_state.conf
ds_state.conf
ds_state_tmp.conf
ds_timestamps.conf
dtps.cps
dyn_attack_dyn_attribs_table.C
dyn_gw_schema.xsd
dyn_gw_schema.xsd.C
dyn_schema_base_types.xsd
dyn_schema_base_types.xsd.C
dyn_scheme_scripts_repository.xsd
dyn_scheme_scripts_repository.xsd.C
dyn_scheme_tasks_activities.xsd
dyn_scheme_tasks_activities.xsd.C
dyn_transactions_scheme.xsd
dyn_transactions_scheme.xsd.C
dynamic_split.conf
efo_url_blacklist
ela_str_id_fields.conf
embedded_applications.C
encrypted_only.W_vpnddcate
ep_common_client.xsd
ep_common_client.xsd.C
ep_common_client_tbl.C
ep_default_policies.C
ep_default_policies.conf
ep_eventia_event_details_fields.C
ep_eventia_event_fields.C
ep_fde.xsd
ep_fde.xsd.C
ep_fde_drivers.xsd
ep_fde_drivers.xsd.C
ep_fde_drivers_tbl.C
ep_fde_tbl.C
ep_objects.xsd
ep_objects.xsd.C
ep_orgp_ab_policy.xsd
ep_orgp_ab_policy.xsd.C
ep_orgp_ab_policy_tbl.C
ep_orgp_access_zones.xsd
ep_orgp_access_zones.xsd.C
ep_orgp_access_zones_tbl.C
ep_orgp_blades.xsd
ep_orgp_blades.xsd.C
ep_orgp_blades_tbl.C
ep_orgp_compliance.xsd
ep_orgp_compliance.xsd.C
ep_orgp_compliance_tbl.C
ep_orgp_docsec.xsd
ep_orgp_docsec.xsd.C
ep_orgp_docsec_tbl.C
ep_orgp_efr_policy.xsd
ep_orgp_efr_policy.xsd.C
ep_orgp_efr_policy_tbl.C
ep_orgp_fde_policy.xsd
ep_orgp_fde_policy.xsd.C
ep_orgp_fde_tbl.C
ep_orgp_fw_policy.xsd
ep_orgp_fw_policy.xsd.C
ep_orgp_fw_policy_tbl.C
ep_orgp_icons.C
ep_orgp_log_products.C
ep_orgp_me_files.xsd
ep_orgp_me_files.xsd.C
ep_orgp_me_files_tbl.C
ep_orgp_me_policy.xsd
ep_orgp_me_policy.xsd.C
ep_orgp_me_policy_tbl.C
ep_orgp_mw_policy.xsd
ep_orgp_mw_policy.xsd.C
ep_orgp_mw_policy_tbl.C
ep_orgp_objects_5_0.C
ep_orgp_objects_partial.xsd
ep_orgp_objects_partial.xsd.C
ep_orgp_onecheck.xsd
ep_orgp_onecheck.xsd.C
ep_orgp_onecheck_tbl.C
ep_orgp_self_help_policy.xsd
ep_orgp_self_help_policy.xsd.C
ep_orgp_self_help_policy_tbl.C
ep_orgp_te_policy.xsd
ep_orgp_te_policy.xsd.C
ep_orgp_te_policy_tbl.C
ep_orgp_te_scrub_parts.xsd
ep_orgp_te_scrub_parts.xsd.C
ep_orgp_te_scrub_parts_tbl.C
ep_orgp_urlf_policy.xsd
ep_orgp_urlf_policy.xsd.C
ep_orgp_urlf_policy_tbl.C
ep_orgp_webcheck.xsd
ep_orgp_webcheck.xsd.C
ep_orgp_webcheck_tbl.C
ep_push.xsd
ep_push.xsd.C
ep_push_tbl.C
ep_scheme.C
ep_scheme.conf
ep_tables.C
ep_tables.conf
ep_uepm_classes.xsd
ep_uepm_files.xsd
ep_uepm_files.xsd.C
ep_uepm_files_tbl.C
eps_notify.html
eps_notify.mail
equifax.cer
event_extraction.conf
eventia_cpmi_db_cfg.C
eventia_event_details_fields.C
eventia_event_fields.C
eventia_upgrade.C
events_db_tables.C
excludedTypesConfigurations.properties
ext_ioc_stat.xml_cpdiag
extender
external_cloud.crt
f2ht-bin-sfxs
f2ht-msgs
fast_verifier_config
fields.C
file_classification.conf
file_convert.conf
file_extensions.json
file_types.C
fip_conf.json
fw.cps
fw.lf
fw_client_1.ttm
fwaccel_dos_rate_on_install
fwaffinity.conf
fwauthd.conf
fwauthd.conf.bak
fwc_handler_id_cache.conf
fwfonic.conf
fwm_dispatcher.conf
fwmaddon
fwopsec.conf
fwrl.conf
grc.conf
grc.xsd
grc.xsd.C
grc_conditions3.xml
grc_controls.xml
grc_controls_table.C
grc_test_elements_table.C
groups.xsd
gw_policies
gw_schema_changed
gw_schema_changes_reloaded
gx.cps
gx.lf
hit_count_rules_cfg.C
hit_count_rules_table.C
hsm_configuration.C
https_inspection.cps
https_sites_table.C
ia_alias_ips.conf
ica
icap_client_blade_configuration.C
icons.C
ics_classes.C
ics_configuration.C
icspogo.xml
idc_muh.db
identity_awareness_classes.C
identity_awareness_custom_settings.C
identity_broker.C
identity_broker_template.C
identity_server.cps
identity_sources_scores.C
identity_sources_scores_template.C
identity_tags.C
ifi_file_types.json
ifi_secret_key
ifi_server_config.json
implicit_rule.C
implied_rules_template.C
important_implied_rules.C
initial_management.pf
initial_module.pf
initial_secondary.pf
inspect.lf
inspect_file_mode.C
install_manager
install_manager_config.xml
install_manager_config.xsd
ioc_feeder.conf
ioc_feeder_backup.conf
ioc_items.C
ioc_items_sql_table.C
iot-on-board.conf
ip_accel.eng
ip_port_feed.conf
ip_rep_stat.xml
ip_rep_stat.xml_cpdiag
ipassignment.conf
iphone_client_1.ttm
ips.cps
ipsDomainObjects.C
ips_classes.C
ips_ctx_map.C
ips_db_cfg.C
ips_enhance.C
ips_exceptions_table.C
ips_granular_contexts.C
ips_implied_exceptions_tbl.C
ips_protections_per_profile_table.C
ips_status_config.xml
ips_tags.C
ips_tags_definitions.C
ipspkg.inspect_exc.txt
itp_file_types.json
itp_gw.json
krb5.conf
languages.C
lc_objects.C
lc_rules.conf
lea_server_unification_scheme.C
lists
local.arp
local.lp
local.scv
localChangesFiles.json
log4j2.xml
log_actions.C
log_field_client_types.C
log_field_server_types.C
log_fields.C
log_fields_classes.C
log_maintenance_profiles.C
log_policy.C
log_policy_default.C
log_policy_extended.C.example
log_products.C
log_unification_scheme.C
log_unification_scheme_cloud.C
logexport_default.C
ls.cps
magic_families
mail_security_config
malware.eng
malware_av_archive_params.C
malware_config
malware_gen_params.C
malware_gen_params_config.C
malware_load_sigs_report
malware_mta
malware_prm.eng
manifest.C
masters
mdm.conf
meiryo.ttc
meiryob.ttc
memoryinfo.conf
mg.cps
mgmt_versions_config.C
misc.xsd
misc.xsd.C
mobile_profiles.C
mobile_profiles_rulebase.C
mobile_push_notifications.C
msgothic.ttc
mta_av.cfg
mta_ver
multi_portal.cipher
multi_portals.xsd
multiportal_gw_certs.C
mv_doc.C
nac_agents.C
nac_multi_sic.C
nac_service_modules.C
ncode.C
nemo_client_1.ttm
neo_client_1.ttm
network_applications.C
nku_from_gw
notify_cert_revocation_vsx.conf
objects.C
objects.C_41
observable_overrides.C
osfingerprint.eng
outbound_and_encrypted.W_vpnddcate
parserTopicToSdTopicMappings.C
patternsToDelete.conf
pdp_session_conciliation.C
pdp_session_conciliation_template.C
pep_conciliation_scores.C
periodic_crash_detection.conf
pg_setup.conf
plug_ins.conf
plugin_metafile.C
pm_stats_collect_diag.csv
pm_stats_collect_diag.csv.analyzer.json
policies_last_update_time.C
policy.xml
portal_status_cmd.conf
prioq.conf
products_updates.C
productsinfo_bc.C
protection_details.xsd
protections.xsd
prov_agent_state.conf
prov_db_cfg.C
prov_scripts_repository_predefined.C
prov_table_scheme_activities.C
prov_table_scheme_scripts_repository.C
prov_table_scheme_tasks.C
provision_classes.C
provision_db.conf
provision_dict.conf
provision_plugins.conf
provisioning_agent.conf
prvn_action_targets_table.C
prvn_actions_table.C
prvn_command_groups_table.C
prvn_commands_table.C
prvn_device_confs_table.C
prvn_fields_def.conf
prvn_last_action_id_table.C
prvn_os_commands_table.C
prvn_profiles_table.C
prvn_script_repository_table.C
prvn_script_results_table.C
prvn_signature_table.C
prvn_summary_table.C
pushd.conf
rad_cloud_settings.C
rad_conf.C
rad_scheme.C
rad_scheme_sms.C
rad_services_classes.C
rad_settings.C
realm_objects.C
realms_schema.C
recovery
refs.C
remote_auth_specific_perms.C
remote_connector.conf
ren_ips_protections_overrides.C
reporting_classes.C
reporting_fields.C
reporting_unification_scheme.C
robo_end_point_statuses_sql_table.C
rtmclasses.C
rule_adtr.C
rule_template.set
rulebase_actions.C
rulebase_actions_table.C
rulebase_entity_local_instance.C
rulebase_entity_local_instance_sql_mappings.C
rulebase_template.set
rulebase_tracks.C
rulebase_tracks_table.C
rulebases_dlp.fws
saml.C
sb_file_types_support.C
sb_scrub_parts.C
scheme.C
scrub
scrub.cps
scrub.xsd
scrub.xsd.C
scrub_db.sqlite
scrub_db.sqlite-shm
scrub_db.sqlite-wal
scrub_debug.conf
scrub_file_type_allowed_action_mta
scrub_file_type_allowed_action_web
scrub_status_config.xml
scrub_stripped.html
scrub_stripped_without_uc_link.html
scrub_supported_dlp_file_types
scrub_supported_file_types
scrub_watermark
scrub_web_additional_file_types
scur2surf.conf
sdTopicToParserTopic.C
sd_topic_categories.C
sd_topics.C
sd_topics_table.C
sdwan
security_rulebase.xsd
security_rulebase.xsd.C
security_rulebase_rules_sql_mappings.C
security_rulebase_sections_sql_mappings.C
security_rulebases_sql_mappings.C
sem_asm_sqlite_cfg.C
sem_input_sessions.C
sem_logical_input_sessions.C
sem_objects.C
sem_products.C
sem_views_collections.C
semclasses.C
semsyncclasses.C
serverSettings.props
service_modules.C
sessionFieldsCommon.C
sessionFieldsMab.C
sessionIS.C
sessiond.C
settings_policy_defaults.json
sfw_classes.C
shadow_objects.C
shared
slim_fw_types.C
smartlog_command.conf
smtp.conf
snmp.C
snmpTrap
sofaware
sofaware_addon_netobjs.C
software_blades.C
spii.C
spike_detective_conf.xml
sqlite
ssl_certificates.C
ssl_classes.C
ssl_inspection_rulebase.xsd
ssl_inspection_rulebase.xsd.C
ssl_inspection_table.C
status_config_NAC.xml
status_error_msgs.C
stormc_opsec.conf
su_dict.conf
susp_ip_tbl_config.C
susp_ip_tbl_fields.C
susp_ip_tbl_scheme.C
svt_commonly_used_fields.C
svt_fields.C
symmetricDS_configuration.C
synatk.conf
synatk.conf.new
synced_tmp
syslog
tables.C
tables.local.C
tablesC_defaultSnapshot
tdlog.upgrade
tdlog.upgradeServer
tdlog_topic.xml
te.conf
te_attributes.conf
te_cache_purger_init_request
te_cloud_uuid
te_extractors.conf
te_file_types.C
te_file_types.xml
te_file_types_sql_table.C
te_file_types_support.C
te_file_types_support_sql_table.C
te_images.C
te_images_sql_table.C
te_persistency_db
te_recommended_emu_envs.xml
te_remote_gw_ca_bundle.pem
te_tcsi_db
te_tcsi_db-shm
te_tcsi_db-wal
te_tcsi_db.bak
te_updates_reporter_db
te_url_rep_db
te_white_domains_db
te_white_exe_certs_db
te_whitelist_files.C
ted_emulator.crt
ted_local_db
template.json
template_ext_ioc_stat.xml
template_ip_rep_stat.xml
template_scrub_user.conf
tex_engine_version
threat_emulation.xsd
threat_emulation.xsd.C
threat_emulation_db_cfg.C
threat_emulation_status_config.xml
threat_ips_non_approved_gateways.C
thresholds.conf
topo
topology_trans_tmpl.ttm
tp_conf.json
tpd_rad_services.C
trac_client_1.ttm
trac_client_1.ttm.BACKUP
trad_file_types.json
translation_rules.C
trapexec.conf
ttm.conf
uc_db.sqlite
udm_portal_classes.C
udm_portal_objects.C
uepmConfFiles.conf
uepm_classes.C
uf_block_msg.html
uf_classes.C
update_install_statuses_table.conf
updates.def
upgradeScheme
upip.C
urlf.cps
urlf_groups_table.C
urlf_objects_table.C
urlf_status_config.xml
urlrep.eng
urlrep_prm.eng
user.def.CON66CMP
user.def.EdgeCmp
user.def.FLICMP
user.def.FW1
user.def.NGXCMP
user.def.R7520CMP
user.def.R7540CMP
user.def.R7540VSCMP
user.def.R75CMP
user.def.R76CMP
user.def.R77CMP
user.def.R8040CMP
user.def.SFWCMP
user.def.SFWR75CMP
user.def.SFWR77CMP
user.def.V40CMP
user_check_interactions.C
userdef.C
users_monitor
usfw_machines.conf
usrchkd.conf
ver.txt
voip_classes.C
voip_objects.C
vpn.cps
vpn.lf
vpn_client_1.ttm
vpn_route.conf
vpn_service_based_routing.conf
vpnmond.C
vpnmonitor.C
vsaffinity_exception.conf
vsec.conf
vsec.cps
vsx.cps
vsx_classes.C
vsx_cpview_defs
vsxm_new_cmds.conf
wac_uninstall.C
watermark_user_settings.json
webservices_dispatcher.conf
wf_config.C
whitelist
whitelist.20190603
yara
zph.cps
zph_attributes.conf
zph_status_config.xml
[Expert@MYCUSTOMER-EFW-01:0]#cp trac_client_1.ttm trac_client_1.ttm.BACKUP
add the file to trac_client_1.ttm
)
:exclude_local_networks_in_hub_mode (
:gateway (
:default (client_decide)
)
)
[Expert@MYCUSTOMER-EFW-01:0]# vi trac_client_1.ttm
(
:trac_client_1 (
:neo_remember_user_password (
:gateway (endpoint_vpn_remember_user_password
:default (client_decide)
)
)
:neo_remember_user_password_timeout (
:gateway (endpoint_vpn_remember_user_password_timeout
:default (client_decide)
)
)
:neo_always_connected (
:gateway (endpoint_vpn_always_connected
:default (client_decide)
)
)
:neo_always_connected_retry (
:gateway (endpoint_vpn_always_connected_retry
:default (client_decide)
)
)
:neo_user_re_auth_timeout (
:gateway (endpoint_vpn_user_re_auth_timeout
:default (client_decide)
)
)
:neo_keep_alive_timeout (
:gateway (endpoint_vpn_keep_alive_timeout
:default (client_decide)
)
)
:location_awareness_enabled (
:gateway (
:default (client_decide)
)
)
:location_awareness_wlan_networks_are_outside (
:gateway (la_detect_wlan_as_external
:default (client_decide)
)
)
:location_awareness_wlan_network_names_not_outside (
:gateway (la_wlan_networks_exceptions
:ext (get_wireless_networks)
:default (client_decide)
)
)
:location_awareness_dns_suffixes_not_outside (
:gateway (la_defined_dns_suffixes
:ext (get_dns_suffixes)
:default (client_decide)
)
)
:location_awareness_dc_check (
:gateway (la_prefer_dc_over_internal_network
:default (client_decide)
)
)
:location_awareness_cache_locations (
:gateway (la_cache_external_networks
:default (client_decide)
)
)
:location_awareness_cache_internal_locations (
:gateway (
:default (client_decide)
)
)
:neo_disconnect_when_idle (
:gateway (endpoint_vpn_disconnect_when_idle
:default (client_decide)
)
)
:neo_disconnect_when_idle_timeout (
:gateway (endpoint_vpn_disconnect_when_idle_timeout
:default (client_decide)
)
)
:neo_route_all_traffic_through_gateway (
:gateway (endpoint_vpn_route_all_traffic_through_gateway
:default (client_decide)
)
)
:neo_implicit_disconnect (
:gateway (endpoint_vpn_implicit_disconnect
:default (client_decide)
)
)
:neo_implicit_disconnect_timeout (
:gateway (endpoint_vpn_implicit_disconnect_timeout
:default (client_decide)
)
)
:send_client_logs (
:gateway (
:default (client_decide)
)
)
:enable_capi (
:gateway (
:default (client_decide)
)
)
:enable_gw_resolving (
:gateway (
:default (client_decide)
)
)
:certificate_key_length (
:gateway (
:default (client_decide)
)
)
:certificate_strong_protection (
:gateway (
:default (client_decide)
)
)
:certificate_provider (
:gateway (
:default (client_decide)
)
)
:certificate_auto_renewal_threshold (
:gateway (
:default (client_decide)
)
)
:internal_ca_site (
:gateway (
:default (client_decide)
)
)
:internal_ca_dn (
:gateway (
:default (client_decide)
)
)
:tunnel_idleness_timeout (
:gateway (
:ext (tunnel_idleness_timeout)
:default (client_decide)
)
)
:tunnel_idleness_ignored_tcp_ports (
:gateway (
:ext (tunnel_idleness_ignored_tcp_ports)
:default (client_decide)
)
)
:tunnel_idleness_ignored_udp_ports (
:gateway (
:ext (tunnel_idleness_ignored_udp_ports)
:default (client_decide)
)
)
:tunnel_idleness_ignore_icmp (
:gateway (
:ext (tunnel_idleness_ignore_icmp)
:default (client_decide)
)
)
:disconnect_on_smartcard_removal (
:gateway (
:default (client_decide)
)
)
:hotspot_detection_enabled (
:gateway (
:default (false)
)
)
:hotspot_registration_enabled (
:gateway (
:default (false)
)
)
:flush_dns_cache (
:gateway (
:default (client_decide)
)
)
:do_proxy_replacement (
:gateway (
:default (client_decide)
)
)
:default_authentication_method (
:gateway (
:map (
:username-password (username-password)
:challenge-response (challenge-response)
:certificate (certificate)
:p12-certificate (p12-certificate)
:securIDKeyFob (securIDKeyFob)
:securIDPinPad (securIDPinPad)
:SoftID (SoftID)
:client_decide (client_decide)
)
:default (client_decide)
)
)
:mep_mode (
:gateway (
:map (
:dns_based (dns_based)
:first_to_respond (first_to_respond)
:primary_backup (primary_backup)
:load_sharing (load_sharing)
:client_decide (client_decide)
)
:default (client_decide)
)
)
:ips_of_gws_in_mep (
:gateway (
:default (client_decide)
)
)
:suspend_tunnel_while_locked (
:gateway (
:default (client_decide)
)
)
:neo_check_crl (
:gateway (
:default (client_decide)
)
)
:recovery_helpdesk_phone_number (
:gateway (
:default (profile_decide)
)
)
:run_isw (
:gateway (
:default (client_decide)
)
)
:enable_firewall (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (true)
)
)
:firewall_policy (
:gateway (
:map (
:allow_all (allow_all)
:outgoing_only (outgoing_only)
:outgoing_and_encrypted (outgoing_and_encrypted)
:encrypted_only (encrypted_only)
:block_all (block_all)
:desktop_policy (desktop_policy)
:client_decide (client_decide)
)
:default (desktop_policy)
)
)
:allow_disable_firewall (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (false)
)
)
:fw_log_upload_enable (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (true)
)
)
:number_of_tracker_log_files_limit (
:gateway (
:default (client_decide)
)
)
:tracker_log_file_size_limit (
:gateway (
:default (client_decide)
)
)
:remove_log_files_after_sending (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (client_decide)
)
)
:post_connect_script_show_window (
:gateway (desktop_post_connect_script_show_window
:default (client_decide)
)
)
:post_connect_script (
:gateway (desktop_post_connect_script
:default (client_decide)
)
)
:allow_clear_traffic_while_disconnected (
:gateway (
:default (client_decide)
)
)
:om_extended_dhcp_params (
:gateway (
:const (true)
)
)
:fw_hotspot_ports (
:gateway (ports
:ext (get_hotspot_ports)
:default (80ᾐƻל&#)
)
)
:fw_enable_hotspot (
:gateway (enabled
:default (true)
)
)
:fw_hotspot_connect_timeout (
:gateway (connect_timeout
:default (540)
)
)
:fw_hotspot_log (
:gateway (log
:default (false)
)
)
:automatic_mep_topology (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (true)
)
)
:allow_ipv6 (
:gateway (
:default (client_decide)
)
)
:min_P12_password_length (
:gateway (
:default (client_decide)
)
)
:keep_alive (
:gateway (
:default (client_decide)
)
)
:keep_alive_interval (
:gateway (
:default (client_decide)
)
)
:automatic_capi_reauthentication (
:gateway (
:default (client_decide)
)
)
:exclude_local_networks_in_hub_mode (
:gateway (
:default (client_decide)
)
)
)
)
5. Install the policy
6. Delete and create as new the site on the VPN endpoint client
7. login using username and password
8. Right click the VPN client under notification bar--VPN Options--Properties---> Settings ---check Do not route traffic for local network to the gateway
9. Disconnet the vpn client
10. Connect with username and password
11. After all this first setup, no need to do it everytime, we need to connect using username and password.
12. VPN client users can access the local networks and also thier company site resources as well.
Hey @Andy
it is not about the same issue! printing issue on vpn client has been resolved.
To summarize the solution of the printing issue while vpn client connected
1. Continued as it is, On gateway Cluster ---VPN Client ---Remote Access --Hub mode ---enable Allow VPN Clients to route traffic through this gateway
2. Continued as it is, On Global properties ---Remote acess-endpoint clients---Route all traffic to gateway---Yes
3. Office Mode network enable hid nat---This is very important
4. Endpoint Security Client under Sites > Properties > Settings: Do not route traffic for local network to the gateway
to make Do not route traffic for local network to the gateway,I put the files below in the security gateway steps (On both firewalls cluster memeber)
[Expert@MYCUSTOMER-EFW-01:0]# pwd
/home/admin
[Expert@MYCUSTOMER-EFW-01:0]# cd /opt/CPsuite-R81.20/fw1/conf/
[Expert@MYCUSTOMER-EFW-01:0]# ls
ADRealatedSchema.xsd
ADRealatedSchema.xsd.C
AMT.conf
AWS_regions.conf
Azure_environments.conf
CPver2ICSver.C
ClusterCopiedAttributes.C
ConversionCache
Credits.txt
DAIP_RS_Database.NDB
DaipCpdList.NDB
DejaVuSansCondensed-Bold.ttf
DejaVuSansCondensed.ttf
FileTypesResponse.xsd
GeoIPASNum2.csv
GeoIPASNum2v6.csv
GeoIPv6.csv
IdentityAwarenessSchema.xsd
ImagesResponse.xsd
InternalCA.C
IpToCountry.csv
LocalGWSetMap.json
LocalSetMap.json
MVS_Default.W
MobileDevices.xsd
MobileDevices.xsd.C
NAC_AGENT_VERSION.txt
ObfuscationInfo.txt
Oracle_regions.conf
PA
PA.cps
ParserDynamicAttacksTemplate.C
PrvnDbConfigFile.C
RealmsSchema.xsd
Redirect.pxy
RulePerformanceSchema.xml
Rulebase_classes.xsd
Rulebase_classes.xsd.C
SMC_Files
SessionUtilConf.xml
SignatureResponse.xsd
SmartConsole_interaction_objects.C
SplatPortal.xsd
TeSupportedAntexProcesses.xml
TeSupportedFileTypes.xml
TeSupportedImages.xml
TpConfInfinityModeMap
TpConfNoneModeMap
TpConfTraditionalModeMap
TrackerTree.C
UpgradeConf
UserCheck.xsd
UserCheck.xsd.C
VPNPlgSchema.xsd
VPNPlgSchema.xsd.C
VR_Default.W
WebQueryCache
XML
ZeroPhishingSchema.xsd
__StatefulPolicy__.W
ad_branches_sqlite_schema.C
ad_groups_sqlite_schema.C
ad_machines_sqlite_schema.C
ad_query_profiles.C
ad_users_sqlite_schema.C
additional_hardware.C
adlog.networks.exclude.C
adlog.users.exclude.C
adlog_domainname.dbida
adlog_muh.dbida
adlog_muh.dbidl
adlog_servacc.dbida
adlog_servacc.dbidl
admin_perm.C
ahclientd
allow_all.W_vpnddcate
am_profiles.C
am_protections_override.C
am_protections_override_sql_table.C
amon_fw.conf
amon_polsrv.conf
amon_vsx_refresh_interval
amz_classes.C
anti_malware.xsd
anti_malware.xsd.C
anti_malware.xsd.C.BC
anti_malware_exceptions.C
anti_malware_rulebase.C
anti_malware_rulebase.xsd
anti_malware_rulebase.xsd.C
anti_malware_rulebase_rules.C
anti_malware_rulebase_rules_sql_table.C
anti_malware_rulebase_sections.C
anti_malware_rulebase_sections_sql_table.C
anti_malware_rulebases.C
anti_malware_rulebases_sql_table.C
anti_malware_status_config.xml
antimalware_misc.C
antimalware_overview.C
antimalware_statistics.C
antispam_classes.C
appfw.xsd
appfw.xsd.C
appfw_misc.C
appfw_objects.C
appfw_objects_table.C
appi.cps
appi_status_config.xml
application_control_top_tables.C
application_control_top_tables_classes.C
application_control_top_tables_classes.xsd
applications_entitlement.C
applications_entitlement.C.orig
arial.ttf
arialbd.ttf
arialbi.ttf
ariali.ttf
armada
asm.cps
asm.lf
asm_params.C
authentication_objects.C
av_hash.eng
av_hash_prm.eng
avi_block_msg.html
avi_cvpn_block_msg.html
avi_cvpn_virus_msg.html
avi_license_msg.html
avi_virus_msg.html
base_fields.C
basic_rulebase_types.xsd
basic_rulebase_types.xsd.C
basic_types.xsd
bd_lock.pid
blades.cps
block_all.W_vpnddcate
broker_info
bypass_extensions_list.txt
ca.cps
calibri.ttf
calibrib.ttf
calibrii.ttf
calibril.ttf
calibrili.ttf
calibriz.ttf
central_license.cfg
certificate_services
changed_rules.C
ci.cps
ci_www
cihs.conf
ciu_lic.C
classes.C
classes.C_sp0
classes.C_sp1
classes.C_sp2
classes.C_sp3
classes.C_sp4
classgen_scheme.C
cluster_sync.conf
cmi_loader_ignore_lss_list
cmi_loader_pattern_info_db.json
commands_classes.C
components_reg.conf
connection_pipelining.conf
connection_pipelining_params.conf
connectra_classes.C
connectra_global_properties.C
connectra_policy.C
content_security.C
content_security_classes.C
countries.C
cp.lf
cp_services.C
cp_services_settings.C
cpext.cer
cpfc_status.C
cpha.conf
cpha_bond_ls_config.conf
cpha_global_pnotes.conf
cpha_specific_vlan_data.conf
cphaprob.conf
cphaprob.conf_clean
cpinfo_vpn1.conf
cplog_conf.C
cpmEnvVars.conf
cpm_doctor_checks.xml
cpmanifest.signed
cpmi_main_db_cfg.C
cpncs.cmdset
cpsc
crash_server.crt
crls
data_files.C
databases.C
db_sync-policy.xml
db_template
dbsync_config.C
defaultDatabase
defaultDatabaseForCma
default_asm.C
default_content_security.C
default_file_types.C
default_mime_types.C
default_objects.C_sp0
default_objects.C_sp1
default_objects.C_sp2
default_objects.C_sp3
default_objects.C_sp4
default_stat_table.xml
default_thresholds.C
defaultfilter.fwrl.conf
defaultfilter.pf
deny_lists
dle2cpmi_old.bat
dle_query_manager.xml
dle_schema.xsd
dlp.cps
dlp.xsd
dlp.xsd.C
dlp_block_gmail_msg.html
dlp_block_hotmail_msg.html
dlp_block_msg.html
dlp_block_self_approval_msg.html
dlp_data_Set2Sql_table.C
dlp_data_tbl.C
dlp_data_types_mapping.conf
dlp_status_config.xml
dlp_web_apps.conf
dlpda.cps
dlpda_status_config.xml
ds_diagnostics.conf
ds_irq_state.conf
ds_state.conf
ds_state_tmp.conf
ds_timestamps.conf
dtps.cps
dyn_attack_dyn_attribs_table.C
dyn_gw_schema.xsd
dyn_gw_schema.xsd.C
dyn_schema_base_types.xsd
dyn_schema_base_types.xsd.C
dyn_scheme_scripts_repository.xsd
dyn_scheme_scripts_repository.xsd.C
dyn_scheme_tasks_activities.xsd
dyn_scheme_tasks_activities.xsd.C
dyn_transactions_scheme.xsd
dyn_transactions_scheme.xsd.C
dynamic_split.conf
efo_url_blacklist
ela_str_id_fields.conf
embedded_applications.C
encrypted_only.W_vpnddcate
ep_common_client.xsd
ep_common_client.xsd.C
ep_common_client_tbl.C
ep_default_policies.C
ep_default_policies.conf
ep_eventia_event_details_fields.C
ep_eventia_event_fields.C
ep_fde.xsd
ep_fde.xsd.C
ep_fde_drivers.xsd
ep_fde_drivers.xsd.C
ep_fde_drivers_tbl.C
ep_fde_tbl.C
ep_objects.xsd
ep_objects.xsd.C
ep_orgp_ab_policy.xsd
ep_orgp_ab_policy.xsd.C
ep_orgp_ab_policy_tbl.C
ep_orgp_access_zones.xsd
ep_orgp_access_zones.xsd.C
ep_orgp_access_zones_tbl.C
ep_orgp_blades.xsd
ep_orgp_blades.xsd.C
ep_orgp_blades_tbl.C
ep_orgp_compliance.xsd
ep_orgp_compliance.xsd.C
ep_orgp_compliance_tbl.C
ep_orgp_docsec.xsd
ep_orgp_docsec.xsd.C
ep_orgp_docsec_tbl.C
ep_orgp_efr_policy.xsd
ep_orgp_efr_policy.xsd.C
ep_orgp_efr_policy_tbl.C
ep_orgp_fde_policy.xsd
ep_orgp_fde_policy.xsd.C
ep_orgp_fde_tbl.C
ep_orgp_fw_policy.xsd
ep_orgp_fw_policy.xsd.C
ep_orgp_fw_policy_tbl.C
ep_orgp_icons.C
ep_orgp_log_products.C
ep_orgp_me_files.xsd
ep_orgp_me_files.xsd.C
ep_orgp_me_files_tbl.C
ep_orgp_me_policy.xsd
ep_orgp_me_policy.xsd.C
ep_orgp_me_policy_tbl.C
ep_orgp_mw_policy.xsd
ep_orgp_mw_policy.xsd.C
ep_orgp_mw_policy_tbl.C
ep_orgp_objects_5_0.C
ep_orgp_objects_partial.xsd
ep_orgp_objects_partial.xsd.C
ep_orgp_onecheck.xsd
ep_orgp_onecheck.xsd.C
ep_orgp_onecheck_tbl.C
ep_orgp_self_help_policy.xsd
ep_orgp_self_help_policy.xsd.C
ep_orgp_self_help_policy_tbl.C
ep_orgp_te_policy.xsd
ep_orgp_te_policy.xsd.C
ep_orgp_te_policy_tbl.C
ep_orgp_te_scrub_parts.xsd
ep_orgp_te_scrub_parts.xsd.C
ep_orgp_te_scrub_parts_tbl.C
ep_orgp_urlf_policy.xsd
ep_orgp_urlf_policy.xsd.C
ep_orgp_urlf_policy_tbl.C
ep_orgp_webcheck.xsd
ep_orgp_webcheck.xsd.C
ep_orgp_webcheck_tbl.C
ep_push.xsd
ep_push.xsd.C
ep_push_tbl.C
ep_scheme.C
ep_scheme.conf
ep_tables.C
ep_tables.conf
ep_uepm_classes.xsd
ep_uepm_files.xsd
ep_uepm_files.xsd.C
ep_uepm_files_tbl.C
eps_notify.html
eps_notify.mail
equifax.cer
event_extraction.conf
eventia_cpmi_db_cfg.C
eventia_event_details_fields.C
eventia_event_fields.C
eventia_upgrade.C
events_db_tables.C
excludedTypesConfigurations.properties
ext_ioc_stat.xml_cpdiag
extender
external_cloud.crt
f2ht-bin-sfxs
f2ht-msgs
fast_verifier_config
fields.C
file_classification.conf
file_convert.conf
file_extensions.json
file_types.C
fip_conf.json
fw.cps
fw.lf
fw_client_1.ttm
fwaccel_dos_rate_on_install
fwaffinity.conf
fwauthd.conf
fwauthd.conf.bak
fwc_handler_id_cache.conf
fwfonic.conf
fwm_dispatcher.conf
fwmaddon
fwopsec.conf
fwrl.conf
grc.conf
grc.xsd
grc.xsd.C
grc_conditions3.xml
grc_controls.xml
grc_controls_table.C
grc_test_elements_table.C
groups.xsd
gw_policies
gw_schema_changed
gw_schema_changes_reloaded
gx.cps
gx.lf
hit_count_rules_cfg.C
hit_count_rules_table.C
hsm_configuration.C
https_inspection.cps
https_sites_table.C
ia_alias_ips.conf
ica
icap_client_blade_configuration.C
icons.C
ics_classes.C
ics_configuration.C
icspogo.xml
idc_muh.db
identity_awareness_classes.C
identity_awareness_custom_settings.C
identity_broker.C
identity_broker_template.C
identity_server.cps
identity_sources_scores.C
identity_sources_scores_template.C
identity_tags.C
ifi_file_types.json
ifi_secret_key
ifi_server_config.json
implicit_rule.C
implied_rules_template.C
important_implied_rules.C
initial_management.pf
initial_module.pf
initial_secondary.pf
inspect.lf
inspect_file_mode.C
install_manager
install_manager_config.xml
install_manager_config.xsd
ioc_feeder.conf
ioc_feeder_backup.conf
ioc_items.C
ioc_items_sql_table.C
iot-on-board.conf
ip_accel.eng
ip_port_feed.conf
ip_rep_stat.xml
ip_rep_stat.xml_cpdiag
ipassignment.conf
iphone_client_1.ttm
ips.cps
ipsDomainObjects.C
ips_classes.C
ips_ctx_map.C
ips_db_cfg.C
ips_enhance.C
ips_exceptions_table.C
ips_granular_contexts.C
ips_implied_exceptions_tbl.C
ips_protections_per_profile_table.C
ips_status_config.xml
ips_tags.C
ips_tags_definitions.C
ipspkg.inspect_exc.txt
itp_file_types.json
itp_gw.json
krb5.conf
languages.C
lc_objects.C
lc_rules.conf
lea_server_unification_scheme.C
lists
local.arp
local.lp
local.scv
localChangesFiles.json
log4j2.xml
log_actions.C
log_field_client_types.C
log_field_server_types.C
log_fields.C
log_fields_classes.C
log_maintenance_profiles.C
log_policy.C
log_policy_default.C
log_policy_extended.C.example
log_products.C
log_unification_scheme.C
log_unification_scheme_cloud.C
logexport_default.C
ls.cps
magic_families
mail_security_config
malware.eng
malware_av_archive_params.C
malware_config
malware_gen_params.C
malware_gen_params_config.C
malware_load_sigs_report
malware_mta
malware_prm.eng
manifest.C
masters
mdm.conf
meiryo.ttc
meiryob.ttc
memoryinfo.conf
mg.cps
mgmt_versions_config.C
misc.xsd
misc.xsd.C
mobile_profiles.C
mobile_profiles_rulebase.C
mobile_push_notifications.C
msgothic.ttc
mta_av.cfg
mta_ver
multi_portal.cipher
multi_portals.xsd
multiportal_gw_certs.C
mv_doc.C
nac_agents.C
nac_multi_sic.C
nac_service_modules.C
ncode.C
nemo_client_1.ttm
neo_client_1.ttm
network_applications.C
nku_from_gw
notify_cert_revocation_vsx.conf
objects.C
objects.C_41
observable_overrides.C
osfingerprint.eng
outbound_and_encrypted.W_vpnddcate
parserTopicToSdTopicMappings.C
patternsToDelete.conf
pdp_session_conciliation.C
pdp_session_conciliation_template.C
pep_conciliation_scores.C
periodic_crash_detection.conf
pg_setup.conf
plug_ins.conf
plugin_metafile.C
pm_stats_collect_diag.csv
pm_stats_collect_diag.csv.analyzer.json
policies_last_update_time.C
policy.xml
portal_status_cmd.conf
prioq.conf
products_updates.C
productsinfo_bc.C
protection_details.xsd
protections.xsd
prov_agent_state.conf
prov_db_cfg.C
prov_scripts_repository_predefined.C
prov_table_scheme_activities.C
prov_table_scheme_scripts_repository.C
prov_table_scheme_tasks.C
provision_classes.C
provision_db.conf
provision_dict.conf
provision_plugins.conf
provisioning_agent.conf
prvn_action_targets_table.C
prvn_actions_table.C
prvn_command_groups_table.C
prvn_commands_table.C
prvn_device_confs_table.C
prvn_fields_def.conf
prvn_last_action_id_table.C
prvn_os_commands_table.C
prvn_profiles_table.C
prvn_script_repository_table.C
prvn_script_results_table.C
prvn_signature_table.C
prvn_summary_table.C
pushd.conf
rad_cloud_settings.C
rad_conf.C
rad_scheme.C
rad_scheme_sms.C
rad_services_classes.C
rad_settings.C
realm_objects.C
realms_schema.C
recovery
refs.C
remote_auth_specific_perms.C
remote_connector.conf
ren_ips_protections_overrides.C
reporting_classes.C
reporting_fields.C
reporting_unification_scheme.C
robo_end_point_statuses_sql_table.C
rtmclasses.C
rule_adtr.C
rule_template.set
rulebase_actions.C
rulebase_actions_table.C
rulebase_entity_local_instance.C
rulebase_entity_local_instance_sql_mappings.C
rulebase_template.set
rulebase_tracks.C
rulebase_tracks_table.C
rulebases_dlp.fws
saml.C
sb_file_types_support.C
sb_scrub_parts.C
scheme.C
scrub
scrub.cps
scrub.xsd
scrub.xsd.C
scrub_db.sqlite
scrub_db.sqlite-shm
scrub_db.sqlite-wal
scrub_debug.conf
scrub_file_type_allowed_action_mta
scrub_file_type_allowed_action_web
scrub_status_config.xml
scrub_stripped.html
scrub_stripped_without_uc_link.html
scrub_supported_dlp_file_types
scrub_supported_file_types
scrub_watermark
scrub_web_additional_file_types
scur2surf.conf
sdTopicToParserTopic.C
sd_topic_categories.C
sd_topics.C
sd_topics_table.C
sdwan
security_rulebase.xsd
security_rulebase.xsd.C
security_rulebase_rules_sql_mappings.C
security_rulebase_sections_sql_mappings.C
security_rulebases_sql_mappings.C
sem_asm_sqlite_cfg.C
sem_input_sessions.C
sem_logical_input_sessions.C
sem_objects.C
sem_products.C
sem_views_collections.C
semclasses.C
semsyncclasses.C
serverSettings.props
service_modules.C
sessionFieldsCommon.C
sessionFieldsMab.C
sessionIS.C
sessiond.C
settings_policy_defaults.json
sfw_classes.C
shadow_objects.C
shared
slim_fw_types.C
smartlog_command.conf
smtp.conf
snmp.C
snmpTrap
sofaware
sofaware_addon_netobjs.C
software_blades.C
spii.C
spike_detective_conf.xml
sqlite
ssl_certificates.C
ssl_classes.C
ssl_inspection_rulebase.xsd
ssl_inspection_rulebase.xsd.C
ssl_inspection_table.C
status_config_NAC.xml
status_error_msgs.C
stormc_opsec.conf
su_dict.conf
susp_ip_tbl_config.C
susp_ip_tbl_fields.C
susp_ip_tbl_scheme.C
svt_commonly_used_fields.C
svt_fields.C
symmetricDS_configuration.C
synatk.conf
synatk.conf.new
synced_tmp
syslog
tables.C
tables.local.C
tablesC_defaultSnapshot
tdlog.upgrade
tdlog.upgradeServer
tdlog_topic.xml
te.conf
te_attributes.conf
te_cache_purger_init_request
te_cloud_uuid
te_extractors.conf
te_file_types.C
te_file_types.xml
te_file_types_sql_table.C
te_file_types_support.C
te_file_types_support_sql_table.C
te_images.C
te_images_sql_table.C
te_persistency_db
te_recommended_emu_envs.xml
te_remote_gw_ca_bundle.pem
te_tcsi_db
te_tcsi_db-shm
te_tcsi_db-wal
te_tcsi_db.bak
te_updates_reporter_db
te_url_rep_db
te_white_domains_db
te_white_exe_certs_db
te_whitelist_files.C
ted_emulator.crt
ted_local_db
template.json
template_ext_ioc_stat.xml
template_ip_rep_stat.xml
template_scrub_user.conf
tex_engine_version
threat_emulation.xsd
threat_emulation.xsd.C
threat_emulation_db_cfg.C
threat_emulation_status_config.xml
threat_ips_non_approved_gateways.C
thresholds.conf
topo
topology_trans_tmpl.ttm
tp_conf.json
tpd_rad_services.C
trac_client_1.ttm
trac_client_1.ttm.BACKUP
trad_file_types.json
translation_rules.C
trapexec.conf
ttm.conf
uc_db.sqlite
udm_portal_classes.C
udm_portal_objects.C
uepmConfFiles.conf
uepm_classes.C
uf_block_msg.html
uf_classes.C
update_install_statuses_table.conf
updates.def
upgradeScheme
upip.C
urlf.cps
urlf_groups_table.C
urlf_objects_table.C
urlf_status_config.xml
urlrep.eng
urlrep_prm.eng
user.def.CON66CMP
user.def.EdgeCmp
user.def.FLICMP
user.def.FW1
user.def.NGXCMP
user.def.R7520CMP
user.def.R7540CMP
user.def.R7540VSCMP
user.def.R75CMP
user.def.R76CMP
user.def.R77CMP
user.def.R8040CMP
user.def.SFWCMP
user.def.SFWR75CMP
user.def.SFWR77CMP
user.def.V40CMP
user_check_interactions.C
userdef.C
users_monitor
usfw_machines.conf
usrchkd.conf
ver.txt
voip_classes.C
voip_objects.C
vpn.cps
vpn.lf
vpn_client_1.ttm
vpn_route.conf
vpn_service_based_routing.conf
vpnmond.C
vpnmonitor.C
vsaffinity_exception.conf
vsec.conf
vsec.cps
vsx.cps
vsx_classes.C
vsx_cpview_defs
vsxm_new_cmds.conf
wac_uninstall.C
watermark_user_settings.json
webservices_dispatcher.conf
wf_config.C
whitelist
whitelist.20190603
yara
zph.cps
zph_attributes.conf
zph_status_config.xml
[Expert@MYCUSTOMER-EFW-01:0]#cp trac_client_1.ttm trac_client_1.ttm.BACKUP
add the file to trac_client_1.ttm
)
:exclude_local_networks_in_hub_mode (
:gateway (
:default (client_decide)
)
)
[Expert@MYCUSTOMER-EFW-01:0]# vi trac_client_1.ttm
(
:trac_client_1 (
:neo_remember_user_password (
:gateway (endpoint_vpn_remember_user_password
:default (client_decide)
)
)
:neo_remember_user_password_timeout (
:gateway (endpoint_vpn_remember_user_password_timeout
:default (client_decide)
)
)
:neo_always_connected (
:gateway (endpoint_vpn_always_connected
:default (client_decide)
)
)
:neo_always_connected_retry (
:gateway (endpoint_vpn_always_connected_retry
:default (client_decide)
)
)
:neo_user_re_auth_timeout (
:gateway (endpoint_vpn_user_re_auth_timeout
:default (client_decide)
)
)
:neo_keep_alive_timeout (
:gateway (endpoint_vpn_keep_alive_timeout
:default (client_decide)
)
)
:location_awareness_enabled (
:gateway (
:default (client_decide)
)
)
:location_awareness_wlan_networks_are_outside (
:gateway (la_detect_wlan_as_external
:default (client_decide)
)
)
:location_awareness_wlan_network_names_not_outside (
:gateway (la_wlan_networks_exceptions
:ext (get_wireless_networks)
:default (client_decide)
)
)
:location_awareness_dns_suffixes_not_outside (
:gateway (la_defined_dns_suffixes
:ext (get_dns_suffixes)
:default (client_decide)
)
)
:location_awareness_dc_check (
:gateway (la_prefer_dc_over_internal_network
:default (client_decide)
)
)
:location_awareness_cache_locations (
:gateway (la_cache_external_networks
:default (client_decide)
)
)
:location_awareness_cache_internal_locations (
:gateway (
:default (client_decide)
)
)
:neo_disconnect_when_idle (
:gateway (endpoint_vpn_disconnect_when_idle
:default (client_decide)
)
)
:neo_disconnect_when_idle_timeout (
:gateway (endpoint_vpn_disconnect_when_idle_timeout
:default (client_decide)
)
)
:neo_route_all_traffic_through_gateway (
:gateway (endpoint_vpn_route_all_traffic_through_gateway
:default (client_decide)
)
)
:neo_implicit_disconnect (
:gateway (endpoint_vpn_implicit_disconnect
:default (client_decide)
)
)
:neo_implicit_disconnect_timeout (
:gateway (endpoint_vpn_implicit_disconnect_timeout
:default (client_decide)
)
)
:send_client_logs (
:gateway (
:default (client_decide)
)
)
:enable_capi (
:gateway (
:default (client_decide)
)
)
:enable_gw_resolving (
:gateway (
:default (client_decide)
)
)
:certificate_key_length (
:gateway (
:default (client_decide)
)
)
:certificate_strong_protection (
:gateway (
:default (client_decide)
)
)
:certificate_provider (
:gateway (
:default (client_decide)
)
)
:certificate_auto_renewal_threshold (
:gateway (
:default (client_decide)
)
)
:internal_ca_site (
:gateway (
:default (client_decide)
)
)
:internal_ca_dn (
:gateway (
:default (client_decide)
)
)
:tunnel_idleness_timeout (
:gateway (
:ext (tunnel_idleness_timeout)
:default (client_decide)
)
)
:tunnel_idleness_ignored_tcp_ports (
:gateway (
:ext (tunnel_idleness_ignored_tcp_ports)
:default (client_decide)
)
)
:tunnel_idleness_ignored_udp_ports (
:gateway (
:ext (tunnel_idleness_ignored_udp_ports)
:default (client_decide)
)
)
:tunnel_idleness_ignore_icmp (
:gateway (
:ext (tunnel_idleness_ignore_icmp)
:default (client_decide)
)
)
:disconnect_on_smartcard_removal (
:gateway (
:default (client_decide)
)
)
:hotspot_detection_enabled (
:gateway (
:default (false)
)
)
:hotspot_registration_enabled (
:gateway (
:default (false)
)
)
:flush_dns_cache (
:gateway (
:default (client_decide)
)
)
:do_proxy_replacement (
:gateway (
:default (client_decide)
)
)
:default_authentication_method (
:gateway (
:map (
:username-password (username-password)
:challenge-response (challenge-response)
:certificate (certificate)
:p12-certificate (p12-certificate)
:securIDKeyFob (securIDKeyFob)
:securIDPinPad (securIDPinPad)
:SoftID (SoftID)
:client_decide (client_decide)
)
:default (client_decide)
)
)
:mep_mode (
:gateway (
:map (
:dns_based (dns_based)
:first_to_respond (first_to_respond)
:primary_backup (primary_backup)
:load_sharing (load_sharing)
:client_decide (client_decide)
)
:default (client_decide)
)
)
:ips_of_gws_in_mep (
:gateway (
:default (client_decide)
)
)
:suspend_tunnel_while_locked (
:gateway (
:default (client_decide)
)
)
:neo_check_crl (
:gateway (
:default (client_decide)
)
)
:recovery_helpdesk_phone_number (
:gateway (
:default (profile_decide)
)
)
:run_isw (
:gateway (
:default (client_decide)
)
)
:enable_firewall (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (true)
)
)
:firewall_policy (
:gateway (
:map (
:allow_all (allow_all)
:outgoing_only (outgoing_only)
:outgoing_and_encrypted (outgoing_and_encrypted)
:encrypted_only (encrypted_only)
:block_all (block_all)
:desktop_policy (desktop_policy)
:client_decide (client_decide)
)
:default (desktop_policy)
)
)
:allow_disable_firewall (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (false)
)
)
:fw_log_upload_enable (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (true)
)
)
:number_of_tracker_log_files_limit (
:gateway (
:default (client_decide)
)
)
:tracker_log_file_size_limit (
:gateway (
:default (client_decide)
)
)
:remove_log_files_after_sending (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (client_decide)
)
)
:post_connect_script_show_window (
:gateway (desktop_post_connect_script_show_window
:default (client_decide)
)
)
:post_connect_script (
:gateway (desktop_post_connect_script
:default (client_decide)
)
)
:allow_clear_traffic_while_disconnected (
:gateway (
:default (client_decide)
)
)
:om_extended_dhcp_params (
:gateway (
:const (true)
)
)
:fw_hotspot_ports (
:gateway (ports
:ext (get_hotspot_ports)
:default (80ᾐƻל&#)
)
)
:fw_enable_hotspot (
:gateway (enabled
:default (true)
)
)
:fw_hotspot_connect_timeout (
:gateway (connect_timeout
:default (540)
)
)
:fw_hotspot_log (
:gateway (log
:default (false)
)
)
:automatic_mep_topology (
:gateway (
:map (
:false (false)
:true (true)
:client_decide (client_decide)
)
:default (true)
)
)
:allow_ipv6 (
:gateway (
:default (client_decide)
)
)
:min_P12_password_length (
:gateway (
:default (client_decide)
)
)
:keep_alive (
:gateway (
:default (client_decide)
)
)
:keep_alive_interval (
:gateway (
:default (client_decide)
)
)
:automatic_capi_reauthentication (
:gateway (
:default (client_decide)
)
)
:exclude_local_networks_in_hub_mode (
:gateway (
:default (client_decide)
)
)
)
)
5. Install the policy
6. Delete and create as new the site on the VPN endpoint client
7. login using username and password
8. Right click the VPN client under notification bar--VPN Options--Properties---> Settings ---check Do not route traffic for local network to the gateway
9. Disconnet the vpn client
10. Connect with username and password
11. After all this first setup, no need to do it everytime, we need to connect using username and password.
12. VPN client users can access the local networks and also thier company site resources as well.
| User | Count |
|---|---|
| 6 | |
| 4 | |
| 3 | |
| 3 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 | |
| 2 |
Tue 21 Jan 2025 @ 04:00 PM (CET)
Boosting Network Performance with New R82 Software and AI-Powered Gateways - EMEATue 21 Jan 2025 @ 03:00 PM (EST)
Boosting Network Performance with New R82 Software and AI-Powered Gateways - AmericasThu 23 Jan 2025 @ 10:00 AM (CET)
Enhancing Cyber Resilience with Check Point Security Operation (SecOps) Services (EMEA)Tue 21 Jan 2025 @ 04:00 PM (CET)
Boosting Network Performance with New R82 Software and AI-Powered Gateways - EMEATue 21 Jan 2025 @ 03:00 PM (EST)
Boosting Network Performance with New R82 Software and AI-Powered Gateways - AmericasThu 23 Jan 2025 @ 10:00 AM (CET)
Enhancing Cyber Resilience with Check Point Security Operation (SecOps) Services (EMEA)
