Pocket PC 2003 SecureClient ActiveSync Pass Through

[pokey]

Hi all
i'm trying to configure secureclient for pocket pc 2003 using build 149. I'm having issues with activesync pass through. What i'm finding is when the PDA is cradled and i've selected "ActiveSync: Allow All" and "Don't encrypt in ActiveSync" with a "Allow Encrypted Only" policy, activesync pass through is not working.

According to Checkpoints release notes:
"The administrator should make sure that the IP address 192.168.55.101 is
not used by any device on the network.
SecureClient for Pocket PC 2003 accepts connections that were initiated using this IP
(when the user chose to Allow un-encrypted ActiveSync connections) regardless of the
client's Security Policy and topology."

This should be working.
What i had to do in order for the PDA to communicate to the network when cradled is change the policy to "Allow Outgoing and Encrypted". This will cause issues when the PDA is not in the cradle as this will effectively make the VPN a split tunnel, which is something i dont want.

How can i maintain the "Allow Encrypted Only" policy but let the PDA connect to resources whilst cradled?

Nhon