Domain-based split-tunneling does not apply to ICMP traffic

Domain-based split-tunneling does not apply to ICMP traffic

17303
Created On 05/08/20 20:22 PM - Last Modified 09/19/22 21:49 PM


Question


ICMP is not working with domain-based split-tunneling?
For example, Ping and Traceroute traffic

Environment


  • Palo Alto Firewall
  • Supported PAN-OS
  • GlobalProtect Gateway
  • Split tunnel configuration.
  • Windows OS
  • MacOS

 

Answer


ICMP requests such as for latency, jitter, ping, and traceroute tests are not supported for domain-based split tunneling

Note: On Windows devices, domain-based tunneling supports TCP traffic only; UDP traffic is not supported in domain-based split tunneling on Windows. Reference: Configure Split Tunnel Based On The Domain And Application
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g0000008U01CAE&lang=en_US%E2%80%A9&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language