We've published GlobalProtect 5.0.5
I added some Exclude Domains and Applications to our Gateway's Split-Tunnel configuration over the weekend. Afterwards, about 5-10% of our VPN clients can not access these domains at all while on VPN. The domains work fine when disconnected. We've had reports of problems with Mac and Windows, but all of my testing has been on Windows.
I've found this simple test detects the problem. The test works with any domain in the exclude domains list. In this case, I've added "*.zoom.us" to the list.
Open powershell and run the command
$tc = New-Object System.Net.Sockets.TcpClient("www.zoom.us",80)
On computers that are ok, that command will have no output. On computers with the problem, the output is like
New-Object : Exception calling ".ctor" with "2" argument(s): "The requested address is not valid in its context 3.235.72.190:80"
Any application that tries to access these domains fails with similar errors. For example, some browsers show ERR_ADDRESS_INVALID
I'm wondering if anybody else has encountered something like this.
