Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ray_Burquest
Participant
Jump to solution

Harmony Connect Branch route exclusions

Excluded routes can be set for the device agent in Harmony Connect to cover internal subnets so they do not route to the Harmony Gateways, Check Point also adds exclusions for a list of destinations (see SK170299) for the likes of YouTube which also go direct and not to Harmony Gateways.

To replicate this routing functionality for a branch (where I may have guest users or we elect to turn off the client) I can add other, more specific IPSec routes on the branch device for the known internal subnets, but how are the Check Point exclusions (like YouTube) catered for? The traffic would route up to the Harmony Gateways as they follow the default gateway.

 

Ray

0 Kudos
1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

I believe we can only manage the application specific exclusions on the client itself.
For branch office devices, it would have to be configured on the device itself (subject to what it allows).

View solution in original post

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

I believe we can only manage the application specific exclusions on the client itself.
For branch office devices, it would have to be configured on the device itself (subject to what it allows).

0 Kudos
Ray_Burquest
Participant

Thanks, that makes sense when I configure the routing set up of the SDWAN device. I think the SK should be updated to add a note about this and to alert people to the risk of some apps not working as alluded to in the SK.

0 Kudos
PhoneBoy
Admin
Admin

Sounds like a good suggestion.
Recommend leaving specific feedback on the SK.

0 Kudos
Upcoming Events

    CheckMates Events