Hi MickBall,

That is what I had and observed also: in the Palo traffic logs I could see the ms-teams app coming for VPN users. Before I found this forum I had also opened a ticket with support on this issue, as I wanted a way to confirm for sure whether traffic is being split or not. What they informed me is that applications sitting in user context are not supported at this time.

I would prefer to use Process ID rather than IPs, as IPs can change, and keep the config up to date without any automation and checking for changes.

---- Here is what the TAC mentioned to me ----

"The full path of the application to be included from the tunnel is currently only resolvable in PanGPS context; for Windows it is system service context. While for Mac, it is root context in prelogon and user context after user logon.

Currently you have the following path: %USERPROFILE%\AppData\Local\Microsoft\Teams\current\Teams.exe

In order for PanGPS to resolve the path you will need to shift the path to a system service context as opposed to a user context, as shown in the example below:

"%ProgramFiles(x86)%\Google\Chrome\Application\chrome.exe"

Other customer requested us to improve this path issue and submitted it as a feature request. But it has not been implemented yet. So we suggest to avoid this issue by routing. Add routes to exclude from the VPN tunnel. These routes are sent through the physical adapter on endpoints rather than through the virtual adapter (the tunnel)."