Global Protect - Split Tunnel not Disabled

L0 Member

Global Protect - Split Tunnel not Disabled

I am having an issue with both windows and Mac clients.

I have enabled the no direct access to local subnets option but I am still able to browse to my local router and I am getting reports of users being able to access local printers.

currently the access include and exclude networks are blank.

The GP solution is on a VM in AWS on FW version 9.0.7

Windows GP client is 5.0.5 and the Mac client is both 5.0.8-4 and 5.1.3-12


any help would be much appreciated

L2 Linker

Re: Global Protect - Split Tunnel not Disabled

Have same issue with MAC's running 10.15.x. We are using GP v5.1.3.
However, Windows work fine and do not have same issue.


Opened up a case with TAC and hoping for a update/fix soon..

L1 Bithead

Re: Global Protect - Split Tunnel not Disabled

Do you have domain or application splits enabled?

Cyber Elite

Re: Global Protect - Split Tunnel not Disabled


Check your access routes configuration.


Access routes are the subnets to which  GlobalProtect clients are expected to connect. In most cases this is the LAN networks. To force all traffic to go through the firewall, even traffic intended for the Internet, the network that needs to be configured is "," which means all traffic.



Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!