CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


** Announcing the #CPUGchallenge **

I'm very happy to announce that CPUG will be hosting "The CPUG Challenge" during CPX this year.
It promises to be a fun and interesting event that will test (and maybe even expand) your knowledge of Check Point.
Whether or not you plan to attend CPX, we have something for you. Please check out this post or the CPUGchallenge.com web site for more information. -E

 

Results 1 to 2 of 2

Thread: SecuRemote E80.64 - split DNS doesn't working.

  1. #1
    Join Date
    2015-12-08
    Posts
    4
    Rep Power
    0

    Default SecuRemote E80.64 - split DNS doesn't working.

    Hello,
    I have CP 4200 Gaia R77.30 with Remote Access VPN configured. Authentication profile is Microsoft_AD, this part works fine. The problem is when remote client is connected via VPN, the DNS queries goes to internal DNS only (via VPN), even for external hosts. This causes delays with web pages loading. I have configured SecuRemote DNS with mydomain.local suffix, but this doesn't work. ChcekPoint manual says that "On SecuRemote, Split DNS is automatically enabled.". Does anyone solved that problem?

  2. #2
    Join Date
    2015-12-08
    Posts
    4
    Rep Power
    0

    Default Re: SecuRemote E80.64 - split DNS doesn't working.

    Quote Originally Posted by DawidK View Post
    Hello,
    I have CP 4200 Gaia R77.30 with Remote Access VPN configured. Authentication profile is Microsoft_AD, this part works fine. The problem is when remote client is connected via VPN, the DNS queries goes to internal DNS only (via VPN), even for external hosts. This causes delays with web pages loading. I have configured SecuRemote DNS with mydomain.local suffix, but this doesn't work. ChcekPoint manual says that "On SecuRemote, Split DNS is automatically enabled.". Does anyone solved that problem?
    Solved now, CheckPoint Support solution:

    Add the following key and DWORD value in the registry on client Windows workstation:
    HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Win dows NT\DNSClient
    DisableSmartNameResolution (DWORD) = 1

Similar Threads

  1. SecuRemote office mode/split tunneling and desktop policy
    By pinoo in forum SecureClient/SecuRemote
    Replies: 6
    Last Post: 2009-01-26, 18:20
  2. SecuRemote/SecureClient VPN to a gateway behind NAT doesn't work
    By michraz in forum SecureClient/SecuRemote
    Replies: 2
    Last Post: 2007-01-17, 14:00
  3. SecuRemote Split tunneling
    By Clon32 in forum SecureClient/SecuRemote
    Replies: 4
    Last Post: 2006-10-21, 11:53
  4. SecuRemote Included Licensing Doesn't Work
    By yelwoci in forum SecureClient/SecuRemote
    Replies: 0
    Last Post: 2006-05-23, 05:36
  5. Killing SecuRemote Doesn't Kill Active Connections to Encryption Domain
    By Barry J. Stiefel in forum SecureClient/SecuRemote
    Replies: 0
    Last Post: 2005-08-13, 17:40

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •