Microsoft's clients don't really disable it. Any user can uncheck the "use default gateway on remote" or whatever it says and get split tunneling.
Sorry, I don't know about SR. We use SC and the desktop security policy to stop it.
Ray Pesek, CISSP
From: Ruiyuan Jiang <[EMAIL PROTECTED]> Reply-To: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [FW-1] SecuRemote and Split Tunnel Date: Tue, 27 Jan 2004 17:06:06 -0500
Hi, all
We are testing SecuRemote. One of feature from SecuRemote we don't like is "split tunneling" which when securemote establishes the connection with firewall, the laptops or remote users still can browse Internet, etc through their ISP's internet connection. Since this sounds like openning a hole for interactive program for hacker (anyway without protection such as Secure Client, the remote PCs can be hacked any time) while the VPN channel is established to access corporate network, is there anyway to disable "split tunnel" for SecuRemote. I know Microsoft's L2TP or PPTP disables split tunnel. Thanks in advance.
Ryan Jiang
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ Check out the coupons and bargains on MSN Offers! http://shopping.msn.com/softcontent/softcontent.aspx?scmId=1418
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
