: Enhanced Split Tunnel Configuration
Focus
Focus

Enhanced Split Tunnel Configuration

Table of Contents

Enhanced Split Tunnel Configuration

Host a split tunnel configuration file on a local web server for expanded support for domains, access routes and applications that you can update dynamically.
With Enhanced Split Tunnel you can manage the list domains, access routes, and applications that you want to include or exclude from the GlobalProtect tunnel using a split-tunnel configuration file that you host locally in your environment. This allows you to modify your split-tunnel settings without having to modify the configuration on the GlobalProtect gateway. In addition, this feature increases the number of included and excluded split-tunnel access routes and domains that you can define from 200 to 1,000. To use this capability, create the XML file and host it on a web server that your GlobalProtect endpoints can reach. To secure the XML file, you must sign it and then enable mutual TLS on the server hosting the split-tunnel configuration file. You can push the public key certificate from the portal configuration to the endpoint. The endpoint needs the certificate to authenticate to the web server.