Scenario: To access a private network using WARP and Tunnel, I need the Split Tunnel to exclude all Private IP addresses, but include the Tunnel segment that needs to go through WARP, eg.
Currently, the document suggests:
To configure Split Tunnels for private network access:
- First, check whether your Split Tunnels mode is set to Exclude or Include mode.
- If you are using Include mode, add your network’s IP/CIDR range to the list.
- If you are using Exclude mode:
- Delete your network’s IP/CIDR range from the list. For example, if your network uses the default AWS range of
- Re-add IP/CDIR ranges that are not explicitly used by your private network. For the AWS example above, you would add new entries for
172.30.0.0/16. This ensures that that only traffic to
172.31.0.0/16routes through WARP.
By tightening the private IP range included in WARP, you reduce the risk of breaking a user’s access to local resources.
So to exclude
10.0.42.0/24, we remove the segment from
- 10.0.0.0/8 + 10.0.0.0/19 + 10.0.32.0/21 + 10.0.40.0/23 + 10.0.43.0/24 + 10.0.44.0/22 + 10.0.48.0/20 + 10.0.64.0/18 + 10.0.128.0/17 + 10.1.0.0/16 + 10.2.0.0/15 + 10.4.0.0/14 + 10.8.0.0/13 + 10.16.0.0/12 + 10.32.0.0/11 + 10.64.0.0/10 + 10.128.0.0/9 100.64.0.0/10 169.254.0.0/16 172.16.0.0/12 192.0.0.0/24 192.168.0.0/16 220.127.116.11/24 240.0.0.0/4 255.255.255.255/32
This is very tedious. If multiple tunnels need configuration, it becomes a nightmare.