@@ -908,20 +908,6 @@ This clause addresses the requirements in the CRA [\[i.1\]](#_ref_i.1) Annex 1 P
The VPN client shall not route traffic through the endpoint from sources/destinations other than the endpoint without the user's explicit informed consent, and such routing shall not be necessary for the use of any unrelated function.
#### 5.2.11.2 MI-TRAF-1: No capability to route traffic from other sources (### 5.10.N IM)
***\[REQ-IM-myk03]** The VPN client shall not implement the capability for routing traffic from sources/destinations other than the endpoint through an endpoint.
[//]:#(### 6.10.N IM)
* Reference: TR-TRAF
* Requirement: **REQ-IM-myk03**
* Objective: Prevent unauthorized network access to endpoints
* Preparation: None
* Activities: Connect an endpoint and capture the traffic on all interfaces
* Verdict: No traffic originating from the VPN for sources/destinations other than the endpoint => PASS, otherwise FAIL
* Evidence: Packet capture with annotations of origin of packet
#### 5.2.11.3 MI-TRAF-2: Route traffic from other sources disabled by default (### 5.10.N IM)
***\[REQ-IM-mho3g]** The VPN client shall disable by default the capability for routing traffic from sources/destinations other than the endpoint through an endpoint.