We are using Network Connect, with no split tunnelling, so all traffic flows through the main office while connected, so we can view/log all traffic from machines connected to the network.
Now, we are tasked with getting our remote users connected to our Cisco/Tandberg video conferencing (VC) bridge.
To open the ports to the internal bridge requires a crazy amount of ports, not just to the VC bridge, but to all endpoints, because once setup by the bridge, the session becomes peer-to-peer.
We also have an EXTERNAL video conferencing bridge, where exterrnal partners can connect to, and it's forced to go through the VC bridge.
I want to allow my user to have direct access to the external VC bridge outside of the tunnel, but with all other traffic staying withing the tunnel.
So, my question is, if I put the IP address of our external VC bridge on the split-tunneling policy, will ONLY that traffic be allowed outside of the tunnel? If users try to go to playboy.com, would it still be routed through our corporate office (and blocked by our web filtering solution)?