This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jeril_Cherian
Explorer
‎2018-10-23 10:08 PM

VPN routes issue

When connected to VPN ( secureclient, office mode), i'm not able to get to internal sites ( RFC private networks) when split tunneling is disabled. So, i added RFC networks to encryption domains and ended up having 300+ routes in client machine. Is there better way to make it possible ? Also why are the routes added in below fashion instead of just one /8 or /12 or /18

----

10.0.0.0 255.255.0.0 10.255.240.2 10.255.240.1 1
10.1.0.0 255.255.252.0 10.255.240.2 10.255.240.1 1
10.1.4.0 255.255.255.252 10.255.240.2 10.255.240.1 1
10.1.4.4 255.255.255.255 10.255.240.2 10.255.240.1 1
10.1.4.5 255.255.255.255 10.255.240.2 10.255.240.1 1
10.1.4.6 255.255.255.254 10.255.240.2 10.255.240.1 1
10.1.4.8 255.255.255.248 10.255.240.2 10.255.240.1 1
10.1.4.16 255.255.255.240 10.255.240.2 10.255.240.1 1
10.1.4.32 255.255.255.224 10.255.240.2 10.255.240.1 1
10.1.4.64 255.255.255.192 10.255.240.2 10.255.240.1 1
10.1.4.128 255.255.255.128 10.255.240.2 10.255.240.1 1
10.1.5.0 255.255.255.0 10.255.240.2 10.255.240.1 1
10.1.6.0 255.255.254.0 10.255.240.2 10.255.240.1 1
10.1.8.0 255.255.248.0 10.255.240.2 10.255.240.1 1
10.1.16.0 255.255.240.0 10.255.240.2 10.255.240.1 1

---

3 Replies
G_W_Albrecht
Legend
Legend
‎2018-10-24 01:08 AM

Usually, Encryption Domain contains all internal networks behind the GW. Following the CP VPN Admin Guides for configuration, i have never encountered the issue you describe at all...

CCSE CCTE SMB Specialist
0 Kudos
Jeril_Cherian
Explorer
‎2018-10-24 02:03 AM
In response to G_W_Albrecht

Any idea why routes are added those ways ?

0 Kudos
G_W_Albrecht
Legend
Legend
‎2018-10-24 04:03 AM
In response to Jeril_Cherian

Maybe the reason is the way you defined / added it ? Usually, all networks defined as internal are in the Encryption Domain for the site when you choose for VPN Domain to use the Topology information.

CCSE CCTE SMB Specialist