Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Help me understand IVE

Amitkor_
Not applicable
‎04-07-2015 10:06:AM
‎04-07-2015 10:06:AM

Help me understand IVE

Hi,

Im trying how the IVE system works.

Ive installed it on vmware and testing it in a lab.

Ive set up a firewall with 2 pc behind it in LAN (192.168.150.0/24) and a windows server for LDAP and the IVE in the DMZ (192.168.200.0/24).

In 'Resource Policies', configured 'Split Tunneling'.

I kept the access control default of a *:* and applies to all roles. configured a connection profile with subnet (192.168.170.1-192.168.170.254) and split-tunneling network with the LAN sunbet (192.168.150.0/24). split-tunneling is

I configured a role with only split-tunneling checkbox marked and configured to enable.

To my suprise, after connecting, i was able to ping and connect with RDP to both computers. So obviously i was wrong thinking the split-tunneling feature is just for routing.

From what i've seen, it means i can control the entire connectiong by allowing specific addresses and ports to role. So it control it globaly from there, why would i need/want to control it by configuring terminal services, file sharing etc?

Do you recommend configuring split-tunneling on each role instead of resource policy and apply resources such as terminal server to a specific role?

Regards,

Amit K.

0 Kudos
1 REPLY 1
msarwar_
Occasional Contributor
‎04-21-2015 03:16:AM
‎04-21-2015 03:16:AM

Re: Help me understand IVE

Hi Amit,

It depends what you want to achieve really. The whole point of split tunneling is typically used to route specific traffic over the SSL VPN.

A lot of customer's I work with usually use split tunneling for internet traffic, so any traffic that goes to the intrenet is gone directly out their connection and not through the VPN.

Say for exmaple you have two roles; employees and third party. You want all internet and internal traffic to go over the VPN for employess and for third party you want internet traffic to go out directly but all internal traffic via the vpn so they can access corporate resoruces. This can be accomploshed by creating two resource policies with the relevant split tunnelling configuration and assign them to the employess and third party roles.

Hope this helps.

Thanks.

Mas

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.