OpenVPN: Split or Full Tunnel

When configuring your OpenVPN server on the NGFW, you have various options you can specify per each client. A commonly asked question is whether or not you should set the configuration to Full Tunnel or Split Tunnel (setting Full Tunnel to false). Split Tunnel refers to having your client only use the configured tunnel to reach network resources when requesting them, and all other traffic will be routed through their gateway from their public IP. Full Tunnel refers to having all network traffic route through the tunnel. This configuration is per group, under Apps > OpenVPN > Server > Groups. and allows you to specify your configuration for either, and then to apply it to your clients during client creation depending on their needs, or the network administrators requirements. 

NOTE: You can modify a client's group at anytime to specify whether they are full or split tunnel, but it is recommended to resend the OpenVPN client to the host after any modifications to ensure that they take place.

Group Creation:

mceclip0.png

 

Client Creation:

mceclip1.png

 

Follow
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk