Did somebody successfully implement this feature ?
I'm working on GP 5.0.7 and PANOS 8.1, also we have a Global Protect Gateway license active.
I want to exclude video traffic from the VPN tunnel. So I go to my external gateway, and enable exclude video traffic. The tunnel mode is enabled, and also in the agent config, the split tunneling is enabled (ie the option "no direct access to local network" is disabled).
When I add application like dailymotion or netflix-streaming, I still can see such application going through the firewall.
When I let the application panel empty, expectation is that ALL video streaming traffic is excluded from VPN. But that is not working either.
So I'll be glad if someone encountered the same issue and resolved it
In parrallel, I'm using standard split tunneling via subnet IPs, and this is working well so far. But I want to make video traffic exclusion work.
I just tested for Netflix and it works but I had to add also on the "Agent/client Settings/Split Tunnel/Domain and Application" the following exclude domains entries:
Yes, that's the point, so you are using domain exclusion.
It means that if you go back to your gateway configuration, Video Traffic tab and deactivate the feature to bypass video, then it will continue to work (ie netflix doesn't go through the tunnel).
What I would like is use Video Traffic feature so I don't need to add bunch of domains and IP addresses to the exclusion list.
I have a case open to this problem. Unfortunately I can’t execute all the plan action asked by the support at this time (waiting the “go back” to the office J ). I’ll let you know.
I wanna just share a workaround I applied for Netflix ( 2x entries in exclude domain).
I have another challenge today: Disneyplus and Zoom. Any experience?
I too got a case open (since december even !) because we had some video exclusion issue with other sites too.
Looks like the agent still forwards some traffic through the tunnel initially which causes a break in the application.
First we could try netflix after trying the same stream multiple times again, but now it doesnt work anymore.
Tried several things, upgraded and stuff but no improvement. I'll keep you guys update whenever i get some info.
Yes, I think you're right. When using domains, firsts packets go through the tunnel and then pass to the direct connection. For me it's working.
For Zoom I add Exclude Client Application
My setup for Netflix + Zoom + Webex:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!