If you add trusted external IP addresses, the Gateway Enforcer appliance allows clients at these IP addresses to connect to the network even if they do not run any client software.
Because a client is not installed on VPN servers, you should add the server IP to the trusted IP list if you have a VPN server requiring network access through a Gateway Enforcer.
If you enter an invalid IP address, you receive an error message.
You need to add the corporate VPN server's internal IP address in the Trusted external IP Addresses field first.
To specify trusted external IP addresses
In Symantec Endpoint Protection Manager, click Admin.
Select and expand the group of Enforcers.
Select the group of Enforcers for which you want to specify trusted external IP addresses.
Under Tasks, click Edit Group Properties.
In the Gateway Settings dialog box, on the Auth Range tab, in the Trusted IP address range area, select Trusted External IP address range from the drop-down list.
In the IP Address Settings dialog box , type an IP address or address range.
The IP address is added to the list and a check mark appears in the Enable column.
In the Settings dialog box, click OK.