Exception Configuration for VPN Applications

Exception Configuration for VPN Applications

Netskope Clients installed on devices (mac and Windows) running VPN apps in full tunnel mode may experience conflicts with 3rd party VPN applications. This usually happens when either app attempts to intercept traffic destined to their respective destinations.

This article lists exceptions to add into steering configurations in order to bypass all VPN traffic to the respective VPN gateway. The configuration changes include the following:

  • Creating a Network location policy
  • Adding Destination Location Exceptions to Steering Configuration

Creating Network Location Policy

  1. Login to your Netskope tenant WebUI with admin credentials.
  2. Go to Policies > Network Location
  3. Click New Network Location > Single Object
  4. In the Add Network Location window, enter the following:. . .
    1. Public IP address of your VPN gateway
    2. To add multiple addresses, click the + icon and enter the IP address.
    3. Click Next to continue
  5. Enter the NETWORK LOCATION OBJECT NAME for your network location. For example, corp-vpn and then click Save Network Location.

Adding Exceptions to Steering Configuration.

You can make the following changes to an existing steering configuration or create a new steering configuration with VPN exceptions.

  1. Click Settings > Security Cloud Platform > Steering Configuration.
  2. In the Steering Configuration set up, go to EXCEPTIONS tab > click ADD EXCEPTION and select Destination Network.
    1. Select the newly created network location.
    2. Select the Treat like local IP address location to enable traffic (public IP address) bypass to VPN gateway.
  3. Click ADD EXCEPTIONS and select Domains.
  4. Enter the name of your VPN gateway. For example, if your VPN gateway is vpn.mycorp.com, enter this and click Add.
  5. This completes the configuration to bypass your VPN traffic directly to the VPN gateway.
Share this Doc

Exception Configuration for VPN Applications

Or copy link

In this topic ...