Split Tunnel

Hi all,

For some staff members we've implemented split tunnelling for Office 365 as per this

guide and the optimize addresses

https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-vpn-split-tunnel?view=o365-worldwide

How we seem to have a situation whereby if a person is has Outlook open, the connects to VPN, when they need to reauthenticate, Office 365 sees the traffic coming from our VPN/Corporate IP address range?

This could be a problem with the VPN, but what authentication addresses do I need to exclude from going through the VPN? Sorry, networking isn't my strong suit.