This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 88%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
We have a environment where we have SCCM and have been able to setup CMG however we are looking for traffic redirection for below scenarios.
Scenario 1: Users on VPN (Legacy VPN without split tunneling)
We want to redirect traffic of those users to Onprem for app/ updates/OS
Scenario 2: Users on Zscaler we want to utilize CMG for App deployment and for patches it should get it from CMG.
Now issue is we have Boundary defined as AD sites. is there any way i can redirect Legacy VPN solution traffic to OnPrem and ZPA traffic to CMG. is there any boundary i can define which can do redirection based on Network type (Legacy VPN and ZPA) understand ZPA works on RFC1918 ranges and RFC6598 subnet.
According to my understanding,our scenario solution is achievable without using boundary.
Normally, when our client wants to get the location by querying our DC:
If the DC reply the client , our environment will in scenario 1:our users on VPN.
If the DC still does not reply to the client after several attempts to connect, our environment will search for the Internet tunnel and then we will in Scenario 2: Users on Zscaler or CMG.
If the response is helpful, please click "Accept Answer" and upvote it.