Playing around with IPSec VPN on a PA-500 for my mobile users. On iOS, it's working fine with the built in IPSec VPN client, but split tunneling is not supported. I'm wondering if this feature is available if I use the GP client app instead of the built in client. Since it require a licence, I can't test it.
Can you confirm split tunneling can't work without the GP Client (the app) ? Looks like I can't get a demo licence for the GP subscription. I just want to be sure I won't spend that money for nothing. Might be I just have the wrong config...
You have to have GP Portal license to use GP on IOS devices.
Lets say if GP client is not working on IOS device, in that case VPN tunnel doesnt exist. If tunnel doesnt exist then definately split tunnelling will not work.
Bottom line is you require GP Portal license for split tunneling to work.
I can confirm that you can not use split tunnelling with iOS's built-in IPSEC VPN Application.
I can also confirm that with the Palo Alto Networks GlobalProtect iOS application, you can configure split tunnelling. This mobile app requires the GP Gateway subscription license.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!