Unable to show up applications in Application Experience when connecting the internal network.

• Application results are not shown when connected to the internal network.
• "Resolve All FQDNs Using DNS Servers Assigned by the Tunnel (Windows Only)" is enabled, so when the users connect to the external network, the device will use DNS servers assigned by GlobalProtect.
• When the users connect to the internal network, the device will use internal DNS servers.

• If the user connects to GlobalProtect via an external network, you can see these applications.
   

• Prisma Access
• Strata Cloud Manager
• GlobalProtect
• Autonomous DEM(ADEM)

• Internal DNS servers cannot resolve the external domains.
• In this case the internal domain is unable to resolve teams or outlook domains in the internal network.
• This can be seen in the palo_alto_networks_dem_agent.log, (part of GlobalProtect logs).

2025-03-26 15:25:01.046] [default] [error] Exception logged in function class std::vector > __cdecl AgentCore::Polling::Helpers::ProcessMtrResults(class std::vectorRunner> > &,const bool,const bool)() of file e:\workspace\DEM_windows-agent_releases_5.4.0\src\agent\AgentProcessLib\Polling\agentcore.polling-helpers.cpp:241:16 ---> An MTR test failed to complete successfully.
Exception information ---> Exception: Exception in class MtrTestResult __cdecl AgentCore::Tests::MtrTestRunner::ReadTestResult(void)() at e:\workspace\DEM_windows-agent_releases_5.4.0\src\agent\AgentProcessLib\Tests\agentcore.tests-mtrtestrunner.ixx:79:39 --> MtrTestRunner failed because WinRT failed parsing JSON bin/mtr: Failed to resolve host: teams.microsoft.com: Temporary failure in name resolution

Configure the internal DNS to resolve the external domains.