06-23-2020 05:01 AM
06-23-2020 06:30 AM
Under Gateway
agent , client settings then click on split tunnel
You will see Tab on left hand side Access routes
below that you see include and exclude
What ever traffic you want to exclude will use your ISP DNS server rest of traffic will use your Company DNS server.
06-23-2020 12:59 PM
thank for your reply
iam using the split tunnel to allow such traffic which passing through global protect .Rest of traffic will automatically exclude by paloalto. if iam not add any thing in exclude column or it's mandatory to add such network(Public network) to exclude and don't resolve the internal dns. please suggest
06-23-2020 01:07 PM
Yes for split tunnel to work you need to exclude network what you want .
06-23-2020 01:17 PM
if i want to exclude the other traffic so it's will resolve my private DNS or public DNS. Because when i try to do nslookup it will still show my private dns and also seen in wireshark it's resolve my private dns for every query.
06-23-2020 02:29 PM
Yes Traffic that is excluded will use your Private or Home ISP DNS or Google DNS which ever you have.
06-23-2020 11:18 PM
i have excluded the public network but still my private DNS is resolved.
06-23-2020 11:24 PM - edited 06-23-2020 11:24 PM
When you say I exclude the public network which subnet's you put in exclude network?
Then when you access those subnet's it will not go via the Global protect.
It will use user Home network DNS to resolve the websites.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
