Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
flachance
Contributor

selective split tunneling based on destination

Jump to solution

R80.30

Split Tunneling is currently disabled.

Is there a way to enable it only for certain destinations? Like when going to youtube or if using Teams?

 

thanks

 

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

The encryption domain is IP addresses in the end.
Basically you’d be creating an encryption domain for everything except for the IPs in question.
Similar to this (except you’d define the specific IPs to exclude): https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

View solution in original post

5 Replies
PhoneBoy
Admin
Admin
By definition Split Tunneling means "route some traffic across VPN and route everything else to the Internet directly."
Route All Traffic means exactly that with the local subnet as a possible exception to this rule.
What you probably want is a Remote Access domain that contains everything BUT specific web-based applications.
Currently, we don't offer an easy way to create that.

Personally, I'm not a fan of the "Route All Traffic" approach as it doesn't really scale.
You can get visibility and protection for the Endpoint by deploying the appropriate controls.
Better yet: They don't require you to be connected via VPN for them to apply.
remi0403
Explorer
0 Kudos
PointOfChecking
Contributor

That discussion was for a reverse of this question.

I have a similar issue as this.  However, mine is more simpler, we don't need for specific web-based applications, just specific IP addresses.

 

0 Kudos
PhoneBoy
Admin
Admin

The encryption domain is IP addresses in the end.
Basically you’d be creating an encryption domain for everything except for the IPs in question.
Similar to this (except you’d define the specific IPs to exclude): https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

View solution in original post

PointOfChecking
Contributor

Thanks for the pointers!  Got it.

0 Kudos