Split Tunnel Modes
In Split tunnel mode, traffic bound for resources defined in AMC is redirected through the tunnel, and all other
traffic is routed as normal. This is less secure than redirect all mode, but also more convenient for users because
it doesn’t interfere with Internet access.
To safeguard against unauthorized access to users’ computers through their Internet connections, which could
potentially reach network resources by re-routing through the split tunnel, consider using End Point Control
restrictions to require that users’ computers are running personal firewalls or antimalware protection.
To also give users access to local printers and file shares, select Split tunnel, with access to local network.
When the appliance is configured for one of the split tunnel modes, you can allow users to decide whether to
give preference to local or remote network access. For example, let’s say you have a host resource—a Web
server—with an address of
192.168.230.1. The user goes on a business trip and it turns out that the printer
he or she wants to use, on a local network at a conference center, uses that same address. If you’ve selected the Allow users to indicate which split tunnel redirection mode to use on the client option in AMC, you allow the
traveler to indicate a preference for local resources (in this case, the printer) when there is a network conflict.
The choice is made on the client in the Connect Tunnel Properties , on the Advanced tab.
Was This Article Helpful?
Help us to improve our support portal