this semi coincides with the zoom discussion
I've setup Split tunnel and added a bunch of domains *.whatever.com into the split tunnel include domain tab. This works half the time and the other half not at all. I've tested on mac and windows.
I'm also seeing zoom traffic across my vpn tunnel even though I have excluded the domain names and zoom app in my exclude list.
My only resolve is to add the ip addresses to the include or exclude list which solves the issue. But I'm sure many of you are aware with AWS and Cloudfront that is a big chunk of the internet if you are trying to access specific hostnames that are supposed to be coming from your corporate IP address.
At this point the domain include/exclude and application include or exclude is not trustworthy.
After 3 days PA still doesn't know why its happening. So I'm bringing it to the forums to see if anyone here has any ideas or work arounds that I haven't thought of.