I don't want to configure split tunnel on the security gateway, I was wondering how I can exclude my subnet from full tunnel setup, is there any options?
Let's put this in the Remote Access section where it belongs.
Looks like you can achieve what you're after by following this SK: Cannot exclude local network when connected to Remote Access VPN via Hub Mode
Thanks Dameon, I followed your SK but it didnt help.
When ever I try to access a local resource (local VM on my PC), the traffic is still being sent through to SG.
I am trying to find a solution where i can have split tunnel enabled for my VPN (exclude local subnet going through SG which is enabled for hub mode)
Perhaps there is an error in the SK or there is a different issue.
Have you opened a TAC case?
Contact Support | Check Point Software
I have not as I dont have support contract with CP.
I there any solution where i can have split tunnel enabled for certain users on Checkpoint and other users will have to go through SG which is configured for Hub Mode?
As far as I know this is a global setting.
That means either all users can do it or none can.
Did you modify trac_client_1.ttm as described in the SK?
Your partner (or whoever you have a support contract they) should be able to open a ticket with us as needed.
Is there any other option other than sk121766, to exclude local subnet from going through security gateways which is configured for HUB mode.
I want to have split tunnel enabled for only specific users and other users I they will have to go through SG which is configured for Hub Mode?
Is it possible to configure split tunnel for some and full tunnel for other users ?
As far as I know the settings apply to all users connecting to a given gateway but will double-check.
Looks like you can configure the TTM file per group.
In fact, the exact scenario you want is described in the following SK: Remote Access clients configuration based on group membership
Retrieving data ...