Is anyone using split tunneling to exclude MS Teams traffic?
We are using a "tunnel all" policy for our RA VPN users, but some users have issues when using MS teams and we want to implement split tunneling to exclude the MS teams traffic from being tunneled.
My initial thought was to use dynamic split tunneling and exclude all traffic to *.teams.microsoft.com, but according to this guide -Securing Teams media traffic for VPN split tunneling it says "Some VPN client software allows routing manipulation based on URL. However, Teams media traffic has no URL associated with it, so control of routing for this traffic must be done using IP subnets"
I'm using split-exclude quite often. I've tried playing around with excluding domains, but that wasn't working for me at that time. Instead, I'm excluding only "Optimize Required" traffic from this link - scopes 22.214.171.124/18, 126.96.36.199/14, 188.8.131.52/14. This is usually providing regullar RTP experience - video and audio are working smoothly, and screen sharing is not being delayed.
Do you have any idea on how often those addresses change? We will probably subscribe to the RSS feed to get notification, but I'm curious if you noticed any changes of addresses since you started excluding those subnets?