Limits on number of entries for split tunnelling policies
We are looking into setting up split tunnelling to route Microsoft services like office365 and sharepoint online direct to the Internet rather than through the Pulse Secure tunnel but have hit an issue due to a limit of 256 entries in the split tunnelling policy (Microsoft have hundreds on IP address/ranges for these services). I'm trying a policy that excludes the address from the tunnel but will hit similar issues if I try the reverse of just including internal networks as we have a lot of static routes for various addresses not part of our standard addressing scheme.
Re: Limits on number of entries for split tunnelling policies
Unfortunately, no, the more granular the policies have to be, the more the ACLs increase. It may be possible to have a wide ACL and then apply detailed rules; I am not sure, however, if each of the details counts against the overall ACL count or if the main ACL is what is used.