F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Aziz-90s's avatar
Aziz-90s
Icon for Altocumulus rankAltocumulus
Feb 12, 2023

APM spilt tunneling

Hi all I've configured a network-access VPN and used split tunneling for traffic. now in IPV4 LAN Address Space added X.X.X.X and in DNS Address Space added example.com that linked to the IP knowi...
application delivery
devops
security
Amine_Kadimi's avatar
Amine_Kadimi
Icon for MVP rankMVP
Feb 12, 2023

I second boneyard suggestion to troubleshoot with tcpdump what is going on the wire. I just wanted to add that when you add example.com to the DNS Address Space list you are telling your client to make DNS resolution request for that domain through the tunnel using your internal DNS, so you need to make sure your DNS traffic is allowed to reach your DNS servers. If this is not what you want, you can leave this list empty and rely on public DNS resolution.

Also, if you use DNS Address Sapce, make sure when you generate the client package that "DNS Relay Proxy Service" is enabled