Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
LukeM
Explorer
Jump to solution

How route all traffic through gateway on a per user basis?

Is there a way on Quantum Spark 1590 to route all internet traffic through the gateway on a per user basis for remote access VPN users? I know the setting "Route internet traffic from connected clients through this gateway" but that seems to apply to all users unless they're using SNX or SecuRemote to login which are not supported in Office Mode.

E.g. User A should get access to our internal network but all his external traffic should keep using his ISP/network (split tunnel). The traffic of user B however should completely be routed through our gateway because some external services that need to be accesses are restricted to our office IP.

For security reasons the final decision/setting if a user is allowed to route all traffic through our gateway needs to be in the Quantum Spark appliance.

Remote access VPN users will use Windows (Checkpoint Remote Capsule VPN if possible) and Linux (how?) to login.

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

Quantum Spark appliances are SMB.
Unfortunately there is not a per-user setting for this.

View solution in original post

3 Replies
PhoneBoy
Admin
Admin

We can do it per LDAP group on regular (non-SMB) gateways: https://support.checkpoint.com/results/sk/sk114882
It's not clear if this is also supported on SMB appliances or not.

0 Kudos
LukeM
Explorer

I'm relatively new to the Checkpoint ecosystem, how do I know if I have a regular or SMB gateway or are the Quantum Sparks 1590 per se SMB gateways?

Currently we don't use LDAP.

0 Kudos
PhoneBoy
Admin
Admin

Quantum Spark appliances are SMB.
Unfortunately there is not a per-user setting for this.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events