Configure split tunnel traffic on GlobalProtect gateways.
You can configure split tunnel traffic based on an access
route, destination domain, application, and HTTP/HTTPS video streaming
The split tunnel capability allows you to conserve bandwidth
and route traffic to:
Tunnel enterprise SaaS and public cloud applications
for comprehensive SaaS application visibility and control to avoid
risks associated with Shadow IT in environments where it is not
feasible to tunnel all traffic.
Send latency-sensitive traffic, such as VoIP, outside the
VPN tunnel, while all other traffic goes through the VPN for inspection
and policy enforcement by the GlobalProtect gateway.
Exclude HTTP/HTTPS video streaming traffic from the VPN tunnel. Video
streaming applications, such as YouTube and Netflix, consume large amounts
of bandwidth. By excluding lower risk video streaming traffic from
the VPN tunnel, you can decrease bandwidth consumption on the gateway.
The split tunnel rules are applied for Windows and macOS endpoints
in the following order:
Refer to the following sections on how to configure split tunnel
traffic on the gateways: