cancel
Showing results for 
Search instead for 
Did you mean: 

Who rated this post

L4 Transporter

Hi @mdsgn1,

If I understand correctly, you want a way to mark tunneled VPN traffic as "external" so that the Cortex XDR-Managed Windows Firewall can scrutinize the traffic. If that is accurate, I would recommend disabling the Network Location Configuration setting in the Agent Settings Profile for your target endpoint(s). You can do this by going to Endpoints > Profiles, Editing your target profile, and then disabling the Network Location Configuration item as shown below.

 

Disable_Network Location Configuration_TakeI.gif

Once completed, all traffic will be considered External as there will no longer be tests to evaluate positioning. Please let me know how this works for you.

PS:  As an alternative, you can also configure the Network Location Configuration to test for an IP or Domain that you know will fail over the VPN tunnel. However, this would require more advanced knowledge of the network configuration.

--gjenkins
Who rated this post