SOLVED

VPN split tunneling test tool

%3CLINGO-SUB%20id%3D%22lingo-sub-1364085%22%20slang%3D%22en-US%22%3EVPN%20split%20tunneling%20test%20tool%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1364085%22%20slang%3D%22en-US%22%3E%3CP%3EI%20see%20office%20provides%20a%20tool%20to%20test%20cloud%20connectivity.%20Is%20the%20a%20similar%20tool%20to%20test%20MEMCM%20traffic%20via%20CMG%20and%20VPN%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1364188%22%20slang%3D%22en-US%22%3ERe%3A%20VPN%20split%20tunneling%20test%20tool%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1364188%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F184257%22%20target%3D%22_blank%22%3E%40Keith%20Eason%3C%2FA%3E%26nbsp%3BDune%20here%20from%20the%20MEM%20team.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWe%20don't%20currently%20have%20a%20tool%20like%20this%20but%20the%20idea%20is%20interesting%20%3Asmiling_face_with_smiling_eyes%3A.%20Our%20content%20dashboard%20in%20ConfigMgr%20does%20show%20the%20split%20of%20content%20sources%2C%20so%20you%20may%20be%20able%20to%20extrapolate%20the%20answers%20to%20your%20questions%20from%20there-%20documentation%20on%20that%20is%20here%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fservers%2Fdeploy%2Fconfigure%2Fmonitor-content-you-have-distributed%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fconfigmgr%2Fcore%2Fservers%2Fdeploy%2Fconfigure%2Fmonitor-content-you-have-distributed%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EWhat%20that%20won't%20show%20you%20is%20policy%20traffic-%20how%20important%20is%20it%20that%20you%20track%20non-content%20traffic%20with%20such%20a%20tool%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1364264%22%20slang%3D%22en-US%22%3ERe%3A%20VPN%20split%20tunneling%20test%20tool%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1364264%22%20slang%3D%22en-US%22%3E%3CP%3ESplit%20Tunneling%20is%20a%20feature%20that%20lets%20the%20user%20select%20specific%20traffic%20to%20be%20pushed%20through%20a%20VPN%20server%2C%20while%20the%20remaining%20data%20is%20handled%20by%20the%20Internet%20Service%20Provider%20(ISP)%20as%20it%20normally%20would%20be.%20This%20works%20by%20allowing%20or%20disallowing%20your%20VPN%20on%20certain%20apps%20or%20websites.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1364276%22%20slang%3D%22en-US%22%3ERe%3A%20VPN%20split%20tunneling%20test%20tool%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1364276%22%20slang%3D%22en-US%22%3ESimply%20trying%20to%20run%20a%20tool%20on%20a%20client%20currently%20connected%20via%20VPN%20to%20see%20where%20the%20potential%20payload%20would%20come%20from%3F%20Our%20CMG%20is%20functional%2C%20and%20I%20am%20told%20we%20split%20tunnel%2C%20but%20need%20to%20provide%20some%20data%20to%20either%20support%20or%20refute.%20Was%20hoping%20there%20was%20a%20tool%20or%20one%20on%20the%20horizon.%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1386169%22%20slang%3D%22en-US%22%3ERe%3A%20VPN%20split%20tunneling%20test%20tool%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1386169%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F184257%22%20target%3D%22_blank%22%3E%40Keith%20Eason%3C%2FA%3E%26nbsp%3BIn%20this%20case%20Wireshark%20is%20your%20best%20friend.%20Just%20check%20if%20the%20traffic%20go%20straight%20to%20the%20CMG%20or%20is%20encrypted%20and%20goes%20to%20the%20VPN%20tunnel.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

I see office provides a tool to test cloud connectivity. Is the a similar tool to test MEMCM traffic via CMG and VPN?

4 Replies
Highlighted
Best Response confirmed by Keith Eason (Occasional Contributor)
Solution

@Keith Eason Dune here from the MEM team.

 

We don't currently have a tool like this but the idea is interesting :smiling_face_with_smiling_eyes:. Our content dashboard in ConfigMgr does show the split of content sources, so you may be able to extrapolate the answers to your questions from there- documentation on that is here: https://docs.microsoft.com/en-us/mem/configmgr/core/servers/deploy/configure/monitor-content-you-hav...

 

What that won't show you is policy traffic- how important is it that you track non-content traffic with such a tool?

Highlighted

Split Tunneling is a feature that lets the user select specific traffic to be pushed through a VPN server, while the remaining data is handled by the Internet Service Provider (ISP) as it normally would be. This works by allowing or disallowing your VPN on certain apps or websites.

Highlighted
Simply trying to run a tool on a client currently connected via VPN to see where the potential payload would come from? Our CMG is functional, and I am told we split tunnel, but need to provide some data to either support or refute. Was hoping there was a tool or one on the horizon.

@Keith Eason In this case Wireshark is your best friend. Just check if the traffic go straight to the CMG or is encrypted and goes to the VPN tunnel.