topic Re: How to allow particular URL via Global Protect Split Tunnel and DNS should resolve for that particular URL. in General Topics https://live.paloaltonetworks.com/t5/general-topics/how-to-allow-particular-url-via-global-protect-split-tunnel-and/m-p/598713#M119088 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/270133">@tthapa23</a>&nbsp;,</P> <P>&nbsp;</P> <P>So if you try resolving the URLs, im guessing your getting the public IPs? Try creating a private DNS zone for xyz.snowflakecomputing.com in Azure. In the zone you can then configure the various CNAMEs for each of your snowflake URLS and route traffic to your Snowflake endpoints. On your AD servers that you point DNS to for GP clients, forward queries to xyz.snowflakecompting.com to the resolver inbound endpoint. I have more experience in AWS so my terms might be a bit confusing. Hope this points you in the right direction.</P> Wed, 25 Sep 2024 03:12:14 GMT JayGolf 2024-09-25T03:12:14Z How to allow particular URL via Global Protect Split Tunnel and DNS should resolve for that particular URL. https://live.paloaltonetworks.com/t5/general-topics/how-to-allow-particular-url-via-global-protect-split-tunnel-and/m-p/598196#M119087 <P>Our BI team has snowflake setup in the azure, they have whitelisted on-prem public ip addresses and Global protect public ip addresses to allow the snowflake access.&nbsp; We have a split tunnel GP VPN so tried with including domain and port number of the snowflake in the global protect&nbsp;<SPAN>config.&nbsp; which is having a DNS resolution issue? is any one have any suggestion or solution for this kind of issue? How to make this split tunnel vpn should work as a full tunnel if they have connected form remotely?</SPAN></P> <P>&nbsp;</P> <P>&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="tthapa23_0-1726688400290.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/62314iFB926681D0B5767E/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="tthapa23_0-1726688400290.png" alt="tthapa23_0-1726688400290.png" /></span></P> <P>&nbsp;</P> Wed, 18 Sep 2024 19:49:24 GMT https://live.paloaltonetworks.com/t5/general-topics/how-to-allow-particular-url-via-global-protect-split-tunnel-and/m-p/598196#M119087 tthapa23 2024-09-18T19:49:24Z Re: How to allow particular URL via Global Protect Split Tunnel and DNS should resolve for that particular URL. https://live.paloaltonetworks.com/t5/general-topics/how-to-allow-particular-url-via-global-protect-split-tunnel-and/m-p/598713#M119088 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/270133">@tthapa23</a>&nbsp;,</P> <P>&nbsp;</P> <P>So if you try resolving the URLs, im guessing your getting the public IPs? Try creating a private DNS zone for xyz.snowflakecomputing.com in Azure. In the zone you can then configure the various CNAMEs for each of your snowflake URLS and route traffic to your Snowflake endpoints. On your AD servers that you point DNS to for GP clients, forward queries to xyz.snowflakecompting.com to the resolver inbound endpoint. I have more experience in AWS so my terms might be a bit confusing. Hope this points you in the right direction.</P> Wed, 25 Sep 2024 03:12:14 GMT https://live.paloaltonetworks.com/t5/general-topics/how-to-allow-particular-url-via-global-protect-split-tunnel-and/m-p/598713#M119088 JayGolf 2024-09-25T03:12:14Z