Are the routes configured on the gateway for globalprotect advertised to a non globalprotect client? Like cisco or a native client?
Most Android devices should be getting the access route configuration and only routing the listed routes through the VPN connection. Same goes for most builds of Linux. Windows I honestly have no idea and would just recomend they use the client; it provides a better experiance and will work as intended.
iOS is a different beast and will only route 0.0.0.0/0 regardless of what you're using as an access route configuration unless you are using the GlobalProtect app. This is a limitation within iOS and not something you can really get around.
It's important to remember that not everyone follows the same 'standards' when they are building things like this out. Something that works as expected on a Motorola or similar Android phone may not work on a Google Pixel running a newer build of Android because everyone implements things a little different.
I have recommended to the mac users in which this situation is a problem but they don't want the globalprotect client on their machines and I also recommended the gp version that allows multiple portals (in which I have found server bugs, like not giving me the options to disconnect LOL)
Yeah I suggested to the user that maybe the information of the routes is not being passed to their native client because either the client cannot understand it, is getting it from someone else or something of that sort
It also appears that the ciscos vpn client allong with the mac native vpn client is getting more routes that is advertised in the globalprotect gatway that it is connecting too
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!