: Starting with GlobalProtect™
app 5.1 with Content Release version 8196-5685
Windows and macOS
You can now configure exclusions for specific
local IP addresses or network segments when you enforce GlobalProtect
for network access. By configuring exclusions, you can improve the
user experience by allowing users to access local resources when
GlobalProtect is disconnected. For example when GlobalProtect is
not connected, GlobalProtect can allow access to link-local addresses.
This allows a user to access to a local network segment or broadcast
On the firewall configured to act as the GlobalProtect
portal, select the relevant app configuration.
Specify up to ten IP addresses or network segments for
which you want to allow access when GlobalProtect cannot establish
The IP addresses you provide for
to specified hosts/networks when Enforce GlobalProtect Connection
for Network Access is enabled and GlobalProtect Connection is not
are used only when
Connection for Network Access
commas to separate multiple addresses or segments.