How do I exclude specific traffic (Webex, Zoom, etc) from the remote access VPN?
You can exclude specific traffic from the remote access VPN using dynamic split tunneling based on DNS domain names.
Excluded domains are not blocked. Instead, traffic to those domains is kept outside the VPN tunnel. For example, you could send traffic to Cisco WebEx on the public Internet, thus freeing bandwidth in your VPN tunnel for traffic that is targeted to servers within your protected network.
Procedure
Step 1 | From the Security Cloud Control home page, in the navigation bar, click Inventory. |
Step 2 | Find the Secure Firewall Threat Defense device you want to add this rule to. You can use the filter or search field to find the device. |
Step 3 | Select the device, and in the Device Management pane at the right, click Device Overview. |
Step 4 | Configure the group policy to use Dynamic Split Tunnel.
|
Step 5 | Configure the Secure Client custom attribute in the Add/Edit Group Policy dialog box.
|
Step 6 | Verify the configured custom attribute and click Save. |
Step 7 | When you are ready to deploy this change to the device, click Deploy in the menu bar at the top of the page. |