set vpn site-to-site no-local-conns-encrypt

In the R81.10.X releases, this command is available starting from the R81.10.00 version.

Description

Controls whether to exclude the Internet connection's IP address from the local encryption domain.

Packets do not go through a VPN tunnel, if their original source IP address or destination IP address is the local gateway's Internet connection IP address.

This parameter may be useful when all traffic originating from the gateway is hidden behind Hide NAT.

The default is "false".