Forum Discussion

Altocumulus

Feb 12, 2023

APM spilt tunneling

Hi all I've configured a network-access VPN and used split tunneling for traffic. now in IPV4 LAN Address Space added X.X.X.X and in DNS Address Space added example.com that linked to the IP knowi...

MVP

Feb 12, 2023

I second boneyard suggestion to troubleshoot with tcpdump what is going on the wire. I just wanted to add that when you add example.com to the DNS Address Space list you are telling your client to make DNS resolution request for that domain through the tunnel using your internal DNS, so you need to make sure your DNS traffic is allowed to reach your DNS servers. If this is not what you want, you can leave this list empty and rely on public DNS resolution.

Also, if you use DNS Address Sapce, make sure when you generate the client package that "DNS Relay Proxy Service" is enabled

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

APM spilt tunneling

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

About APM spilt tunnel DNS

SSL VPN Split Tunneling and Office 365

DNS Tunnel Mitigation v2

DNS Tunneling Protection

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS