2 Tunnel interface with default VR and LAN zone selected ( You can create different zones for each tunnel interface, just you have to write security rule for them and Nat rule for the one used in a full tunnel )
1- Create a certificate
2- Create an Authentication Profile.(Here we use Local)
3- Create Local Groups for Split and Full Tunnel
4- Create users in these groups.
5- Create a loopback interface
6- Configure Global Protect Portal (You will only have one portal)
7- We need 2 different client configuration , one for split and one for full.
Choose user groups that we created on each config.Also One gateway should have a port.Here we used 444 but you can use any except for 443.
8- Create 2 seperate Global Protect Gateways, 1 with wan and 1 with loopback interface.Each has different ip pools.
9- Now we have to create NAT and security rules
Now when you connect to Global Protect Portal ip 22.214.171.124 using client software , each group will have different access