This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Louis_Poulin
Collaborator
‎2018-07-12 01:37 PM
Jump to solution

How to disable split tunneling for some users while enabling it for other users

Setup is R80.10 in VSX, two gateways in cluster, VSLS. One VS is acting as the VPN gateway.

I need to disable split tunneling for some users. So I need to route all traffic to the gateway for them.

But I also need to allo split tunneling for other users.

I need to force this settings; I don't want to let users decide or configure it on the client.

VPN clients used are either Capsule VPN running on Windows 10, or Remote Access VPN client for Windows.

Thanks!

0 Kudos
1 Solution

Accepted Solutions
2 Replies
PhoneBoy
Admin
Admin
‎2018-07-13 02:47 AM
Jump to solution

This was discussed in https://community.checkpoint.com/message/20006-re-exclude-subnet 

The relevant SK: Remote Access clients configuration based on group membership 

Nikolaos_Liakop
Explorer
‎2019-04-18 04:02 AM
In response to PhoneBoy
Jump to solution

Hi, I followed the aforementioned sk114882 and it did not work for me.

Our setup is the following: r80.20m2 manager which is a vm and  2 physical appliances running r80.10.

I followed the exact same procedure in order to disable split tunneling (ie route all traffic via the gateway) on a Checkpoint group named "ttm_finance". I did the changes on the relevant config (finance.ttm) which resides both on the manager as well as the gateways under $FWDIR/conf directory

Whenever I initiate a client2site vpn connection with a user who belongs to "ttm_finance" , I cannot see the extra default route  on my PC.

Obviously there's something I am missing...

Any guidance should be appreciated.

 

Thanks in advance.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events