Using Tunneled networks/addresses and Tunneled applications
WireSock Secure Connect provides the ability to filter traffic through a VPN tunnel using Tunneled networks/addresses and Tunneled applications. While these options offer precise control over which applications and destinations are tunneled, it's important to understand how they work together.
Using Tunneled networks/addresses and Tunneled applications Simultaneously
You can use Tunneled networks/addresses and Tunneled applications at the same time, but their behavior follows an AND condition. This means that for traffic to be tunneled, it must match both of the following criteria:
- The destination IP address must be listed in Tunneled networks/addresses.
- The application generating the traffic must be listed in Tunneled applications.
Example Scenario
If you add YouTube’s IP ranges to Tunneled networks/addresses but also list specific applications in Tunneled applications, only traffic from those applications to YouTube’s IPs will be tunneled. Other applications in Tunneled applications that do not communicate with YouTube’s IPs will not be tunneled.
Best Practices
- If you want all traffic from selected applications to go through the tunnel, avoid setting restrictive Tunneled networks/addresses.
- If you need only certain websites to be tunneled, but not entire applications, consider alternative solutions such as split tunneling at the browser or system level.