1.Define M365 Traffic IP Ranges:
Microsoft provides specific IP address ranges for their services. You can find the most up-to-date information on M365 services IP ranges from the Microsoft Docs.
2.Create a VPN Profile:
Use the VPN Client Configuration using a tool like Windows PowerShell or the Rasphone command. Create a VPN profile where you will set the parameters for split tunneling.
If using Windows 10 or later, you can use the Windows Configuration Designer to create a provisioning package.
3.Modify the Routing Policy:
In your VPN client configuration, define routing policies that specify that only traffic destined for the Microsoft 365 IP ranges should be sent through the VPN.