global protect split dns

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

global protect split dns

L0 Member

my global protect client is 5.2.0-81,my firewall is pa-5020,software version is 8.1.23.

my global protect did the tunnel split,and dns split.  in globla protect portal, Agent->APP, i configure   Split-tunnel Option "Both network Traffic and DNS",Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only)  "NO"。

tunnel splittine down  some domain  ,for example  *.google.com,  *.abc.com

 

Above is the background

 

when i connect the global protect , i  can  access *.google.com and  *.abc.com  .

but when i go to office ,and disconnect the global vpn,  i can't access  *.google.com   *.abc.com,but  i can ping the domain.

 

I use wireshark to capture the packets, but icmp and https, etc., the packets and ip of the domain name of *.abc.com are not captured

 

Are there any students who have encountered similar problems, please help solve the problem, thanks!

 

 

2 REPLIES 2

Cyber Elite
Cyber Elite

@linfei,

Any reason why you're running 5.2.0? Prior to troubleshooting any further I'd upgrade to 5.2.12 and see if that resolves your issue. The following issue IDs all deal with split-tunneling traffic being sent out both virtual and physical adapters.

  • GPC-14104
  • GPC-13970
  • GPC-11804

when update  gp client to 6.0.1,the issue will be solved.  but  our users pc system  is win7 or  older system ,the new gp client don't  is adapted.

  • 1722 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!