GlobalProtect with on-premise firewall is utilized by employees to securely connect to their enterprise environment and access their corporate applications. GlobalProtect supports Split Tunnel Domain & Applications and Exclude Video Traffic features to exclude certain bandwidth clogging applications and domains to help enterprises with business continuity during high Work From Home (WFH) scenarios because of a COVID-19 pandemic or any other type of calamity.
The objective of this document is to provide enterprise administrators with troubleshooting tips and tricks related to Split Tunnel Domain & Applications and Exclude Video Traffic features. This will help administrators during implementation and operational maintenance of these features. For a configuration guide of this feature, refer to Optimized Split Tunneling for GlobalProtect and GlobalProtect: Implement Split Tunnel Domain and Applications.
The following verification and troubleshooting steps are written with consideration of the configuration specified in GlobalProtect: Implement Split Tunnel Domain, Applications, Exclude Video Traffic Configuration and applies to any such configurations.
To verify and troubleshoot the split tunnel domain and application traffic features, you can utilize the following steps:
<exclude-split-tunneling-domain> <member>*.ringcentral.com</member> </exclude-split-tunneling-domain>
<exclude-split-tunneling-application> <member>%AppData%\Local\RingCentral\SoftPhoneApp\Softphone.exe</member> <member>%AppData%\Local\RingCentral\SoftPhoneApp\SoftPhoneMapiBridge.exe</member> <member>/Applications/RingCentral for Mac.app/Contents/MacOS/Softphone</member> </exclude-split-tunneling-application>
NOTE: If an FQDN resolves to multiple IP addresses, all the IP addresses will be added to the exclude rules.
gpsplit [0x52bc2520] :860 Rule 0: 1TCP v4 220.127.116.11 0 > 2PHY (83115) gpsplit [0x52bc2520] :860 Rule 1: 3APP %AppData%\Local\RingCentral\SoftPhoneApp\SoftPhoneMapiBridge.exe > 2PHY (0) gpsplit [0x52bc2520] :860 Rule 2: 3APP %AppData%\Local\RingCentral\SoftPhoneApp\Softphone.exe > 2PHY (0) gpsplit [0x52bc2520] :860 Rule 3: 3APP /Applications/RingCentral for Mac.app/Contents/MacOS/Softphone > 2PHY (0) gpsplit [0x5fd50a40] :933 0x59bc4620 binding to interface en0, index 3
To verify and troubleshoot exclude video traffic from the tunnel (Windows and macOS only) feature, you can utilize following steps: