Skip Navigation

Create a
Gateway
service policy

You can use the
Gateway
service policy to enable split tunneling and specify device-specific options. If you enable split tunneling, connections to allowed public destinations bypass the tunnel unless you specify that connections to the destination must use the tunnel.
  1. On the menu bar, click
    Gateway > Policies
    .
  2. Click the
    Gateway Service
    tab.
  3. Click
    Add Policy
    .
  4. Type a name and description for the policy.
  5. To allow traffic to some public destinations to bypass
    BlackBerry Gateway
    , perform the following actions:
    1. Turn on
      Split tunneling
      .
    2. To specify destinations that must use the tunnel, click The Add icon .
    3. Type the CIDR addresses for destinations that must route through the tunnel and click
      Add
      .
  6. Select any of the following options:
    Option
    Description
    Windows
    Force applications to use the tunnel
    Specify whether all non-loopback connections must use the tunnel. Any split tunnel routes that do not use the tunnel will not function.
    Allow incoming connections
    Specify whether to allow incoming TCP connections from non-tunnel, non-loopback interfaces.
    Gateway
    never routes incoming connections on its tunnel.
    Allow
    Gateway
    to run only if
    BlackBerry Protect
    is also activated on the device.
    Specify whether
    BlackBerry Protect
    must also be activated to use
    Gateway
    on
    Windows
    devices.
  7. Click
    Add
    .