Enabling or Disabling Split DNS
On SecuRemote, Split DNS is automatically enabled. On Endpoint Security VPN and Check Point Mobile for Windows, you can edit a parameter in the trac_client_1.ttm
configuration file to set if Split DNS is enabled, disabled, or depends on the client settings.
To change the setting for Split DNS on the Security Gateway:
-
On the Security Gateway, open the $
FWDIR/conf/trac_client_1.ttm
file with a text editor. -
Add the
split_dns_enabled
property to the file::split_dns_enabled (
:gateway (
:map (
:true (true)
:false (false)
:client_decide (client_decide)
)
:default (client_decide)
)
)
-
Set the required value in the
:default
attribute:-
true - Enabled
-
false - Disabled (this is the default)
-
client_decide - Takes the value from a file on the client machine
-
-
Save the file.
-
Install the policy.