Secure Mobile Access 12.4 Administration Guide

Split Tunnel Modes

In Split tunnel mode, traffic bound for resources defined in AMC is redirected through the tunnel, and all other traffic is routed as normal. This is less secure than redirect all mode, but also more convenient for users because it doesn’t interfere with Internet access.

To safeguard against unauthorized access to users’ computers through their Internet connections, which could potentially reach network resources by re-routing through the split tunnel, consider using End Point Control restrictions to require that users’ computers are running personal firewalls or antimalware protection.

To also give users access to local printers and file shares, select Split tunnel, with access to local network.

When the appliance is configured for one of the split tunnel modes, you can allow users to decide whether to give preference to local or remote network access. For example, let’s say you have a host resource—a Web server—with an address of 192.168.230.1. The user goes on a business trip and it turns out that the printer he or she wants to use, on a local network at a conference center, uses that same address. If you’ve selected the Allow users to indicate which split tunnel redirection mode to use on the client option in AMC, you allow the traveler to indicate a preference for local resources (in this case, the printer) when there is a network conflict. The choice is made on the client in the Connect Tunnel Properties , on the Advanced tab.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.