Who rated this post - Check Point CheckMates

The State of Ransomware Q1 2026
Key Trends and Their Impact

Good, Better, Best:
Prioritizing Defenses Against Credential Abuse

Watch Now!

AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You

Watch Now!

Blueprint Architecture for Securing
The AI Factory & AI Data Center

Learn More!

Call For Papers
Your Expertise. Our Stage

Learn More!

CheckMates Go:
CheckMates Fest

Listen Now

Split tunnel (allowing direct access to Internet versus routing all traffic through the VPN headend) is the default.
You change this in Global Properties > Remote Access > Endpoint Connect > Route All Traffic to Gateway
There is also a setting on the client when the above setting is set to "Configured on Endpoint Client."

For access by DNS name, that generally involves:

Configuring Office Mode (requires appropriate licenses). This will assign the VPN client an IP address on the configured network and, more importantly, DNS servers for the client to use.
If you are using SecuRemote (which does not have license requirements), refer to this for configuring SecuRemote DNS objects: https://community.checkpoint.com/t5/Remote-Access-VPN/Quick-Primer-on-How-to-Configure-your-Gateway-...

Depending on the precise requirements for accessing the Disaster site, you may want to configure Multiple Entry Point.
See: https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_RemoteAccessVPN_AdminGuide/C...

View solution in original post

Who rated this post

Contributor

Rating date: