cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
457
Views
15
Helpful
5
Replies

Exclude MS Teams traffic

Chess Norris
Participant
Participant

Hello,

Is anyone using split tunneling to exclude MS Teams traffic?

We are using a "tunnel all" policy for our RA VPN users, but some users have issues when using MS teams and we want to implement split tunneling to exclude the MS teams traffic from being tunneled. 

My initial thought was to use dynamic split tunneling and exclude all traffic to *.teams.microsoft.com, but according to this guide -Securing Teams media traffic for VPN split tunneling it says "Some VPN client software allows routing manipulation based on URL. However, Teams media traffic has no URL associated with it, so control of routing for this traffic must be done using IP subnets"

So should we instead exclude the subnets described here under "Optimize IP address ranges"?  https://learn.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-vpn-implement-split-tunnel?view=o365-worldwide 

Thanks

/Chess

5 Replies 5

Milos_Jovanovic
Engager
Engager

Hi @Chess Norris,

I'm using split-exclude quite often. I've tried playing around with excluding domains, but that wasn't working for me at that time. Instead, I'm excluding only "Optimize Required" traffic from this link - scopes 13.107.64.0/18, 52.112.0.0/14, 52.120.0.0/14. This is usually providing regullar RTP experience - video and audio are working smoothly, and screen sharing is not being delayed.

Kind regards,

Milos

Thank you Milos,

Do you have any idea on how often those addresses change? We will probably subscribe to the RSS feed to get notification, but I'm curious if you noticed any changes of addresses since you started excluding those subnets?

Best regards

/Chess

I configured those 3 like 2-3 years ago, and havent changed since.

Kind regards,

Milos