- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-01-2020 03:47 AM
I am trying to add the MS IP's via cli for split-tunnelling.
the documentation states the following...
set network tunnel global-protect-site-to-site <name> client split-tunneling access-route [ <access-route1>
but this is not working on 8.1.9
I can get this far..
set network tunnel global-protect-gateway "gateway-name" but cannot configure the client settings.
any useful docs would be much appreciated.
04-01-2020 04:34 AM
This has been resolved by @goran.katava
set global-protect global-protect-gateway GATEWAY-NAME remote-user-tunnel-configs CONFIG-NAME split-tunneling exclude-access-route
Superstar....
04-01-2020 04:34 AM
This has been resolved by @goran.katava
set global-protect global-protect-gateway GATEWAY-NAME remote-user-tunnel-configs CONFIG-NAME split-tunneling exclude-access-route
Superstar....
12-11-2020 12:03 PM
This path does not work when the device is managed by Panorama:
> edit template <NAME> config vsys vsys1 global-protect global-protect-gateway <NAME> remote-user-tunnel-configs <NAME> split-tunneling
The only options after that point are:
exclude-domains Domains need to go out of tunnel
include-domains Domains need to go through tunnel
<Enter> Finish input
However if I do a show at that point, it clearly shows remaining configuration:
...
exclude-access-route [ 1.1.1.1/32 .....]
...
12-11-2020 01:11 PM
<edit>
It seems to work if you are using the SET command in cli not edit to select path:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!