Hello, can anyone explain to me how the FQDN ACL works with split tunneling? I know if you enter an IP address resource and exclude that from the tunnel, the IVE will add routes to the client's route table for those IP resources and use the physical interface of the client. How does it function with an FQDN resource? Does the IVE do a lookup for the listed FQDNs and add the resulting IP addresses to the client's route table, or is it doing some kind of intercept live on the traffic destined for the FQDN? I can get my split tunnel to work the way I want using IP address resources to exclude them from being tunneled, but I can't seem to get it working when I try using the FQDN of the same systems. Any insight would be greatly appreciated.