One thing to be aware of, though, is that split-tunnelling only works on Windows/macOS.
It doesn't work on iOS/Android (it's everything through the tunnel or nothing through the tunnel. And it doesn't work on Linux as there's no working GP Agent yet (there's a buggy 4.1 release that's nowhere near production-use worthy).
We went down the rabbit-hole of trying to get a split-tunnel setup working on iOS/Android for several weeks before getting confirmation from PA Support that it's not supported. The Agent will happily copy the Gateway configuration, including the split tunnel stuff, and then happily ignore it.
I think I just proved Split tunnel is functional in my test because I disabled my security rule that allows access from VPN zone to Untrust and general internet still works on remote client.
Feeling better about this now. :)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!