Firewall-1
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [FW-1] SecuRemote and Split Tunnel

from Ray Pesek [Permanent Link]
Subject: Re: [FW-1] SecuRemote and Split Tunnel
From: Ray Pesek <sixsigma44 AT HOTMAIL DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Tue, 27 Jan 2004 21:18:08 -0500 
Microsoft's clients don't really disable it. Any user can uncheck the "use
default gateway on remote" or whatever it says and get split tunneling.

Sorry, I don't know about SR. We use SC and the desktop security policy to
stop it.

Ray Pesek, CISSP






From: Ruiyuan Jiang <Ruiyuan_Jiang AT LIZ DOT COM>
Reply-To: Mailing list for discussion of Firewall-1
<FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] SecuRemote and Split Tunnel
Date: Tue, 27 Jan 2004 17:06:06 -0500

Hi, all

We are testing SecuRemote. One of feature from SecuRemote we don't like is
"split tunneling" which when securemote establishes the connection with
firewall, the laptops or remote users still can browse Internet, etc
through
their ISP's internet connection. Since this sounds like openning a hole for
interactive program for hacker (anyway without protection such as Secure
Client, the remote PCs can be hacked any time) while the VPN channel is
established to access corporate network, is there anyway to disable "split
tunnel" for SecuRemote. I know Microsoft's L2TP or PPTP disables split
tunnel. Thanks in advance.


Ryan Jiang

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


_________________________________________________________________
Check out the coupons and bargains on MSN Offers!
http://shopping.msn.com/softcontent/softcontent.aspx?scmId=1418

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [FW-1] Setting up DMZ with Win 2000 Server, Hal Dorsman
Next by Date:  [FW-1] error "too many internal hosts", Suryanto Budiman
Previous by Thread:  [FW-1] SecuRemote and Split Tunnel, Ruiyuan Jiang
Next by Thread:  Re: [FW-1] SecuRemote and Split Tunnel, Lars Troen
Indexes:  [Date] [Thread] [Top] [All Lists]