CheckPoint and Tunnel Splitting

I have a Safe@Office 425W (firmware ver. 5.0.82x and hardware version 1.1).  My "road warriors" are running CheckPoint VPN-1 SecureClient NGX R60 (Build 191).
The issue i'm having is, when they connect to our network (connection is fine); they lose their local internet access.  This means that if they are at a client, at home or where ever, and connect to our network, they drop their ability to surf the web.  I've been reading something about policy settings but have yet to find any way to set them.  It was easy in a PIX router (Cisco) but this device has no tunnel splitting option - just a User.C file found in the Check Point folder of each user.
I believe I could use Secure Remote but would rather use the Secure Client instead.
I must be over-looking something.
Any ideas?

Thank You

Jim PooleConsultantAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jim PooleConsultantAuthor Commented:
Sorry everyone,   I figured it out.

The Answer is:  I had to setup SecureClient in Extended View.  Once done and the software stops and starts itself, I had to delete my profile/site and recreate it again.  Then, in the properties of the profile in the Advance tab, I had to turn off HUB mode.  This would then allow me to surf the web via my local connection as well as access my server via VPN.

Just a note - after doing the above - I still had an issue accessing drives on my server.  I found that my PC-Cillon (Trend Micro) 2006 personal firewall was blocking the ports needed by Check Point.  After opening up those ports in Trend Micro, everything worked fine.  Those ports are as follows:

...The filtering device has the following ports blocked: -TCP Port 264 -TCP Port 256 -UDP Port 259 -UDP Port 500 -Protocol 94, 50 and 51...

which can be found here at Experts-Exchange using this link:
PAQed with points refunded (125)

Community Support Moderator

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.