Blocked Resource still resolves through Twingate

I have a private web server that must not be routed through Twingate (the server uses reverse DNS to check for allow-listed computer names). When routed through Twingate, all clients show up as the same IP.
I have set up the Resource in Twingate using the DNS name of the server, with all ports and ICMP blocked. However, the DNS lookups are returning a “twingate” IP for that resource and the traffic routes through the Twingate NIC. I need Twingate to ignore these DNS requests and allow the requests to be answered by the normal DNS servers.
I have a wildcard rule to route all the other traffic for the internal domain, but I need to exclude this single web server.
Any help is much appreciated.
Thank you!

I see what you are trying to accomplish. but that isn’t what resources in Twingate do. We allow access to resources and ignore all other requests.

If you want Twingate to ignore the request simply remove the resource completely. Do not add it. Anything that isn’t a resource or I do not have access to as a resource in Twingate will be ignored.

I hope this helps!

Thank you for your reply Jason! We have a wildcard Resource in Twingate (*.domain.com) that matches all traffic to the domain. We have a single webserver (server123.domain.com) that must not be tunneled through Twingate. In order to “not add” the single web server in question, we would have to add every other resource in the domain to Twingate individually. This would be unmanageable and does not scale. It would be very useful if there is a way to exclude a single resource from Twingate, while the wildcard resource would still match everything else. This reply to a post on April 13] suggested this exact behavior, so I was hopeful I just missing something. Thank you for time!

I see Jon. Thanks for the explanation.
So no we do not do exclude rules at the moment.

So you can explicitly add the domains you do want to route through Twingate.

If you have many routes (IPs of domains) then we can help automate that with a script.
Something that leverages our API.

I have added this as a feature request FYI!

Thank you Jason. Thanks for the feature request! We haven’t played with the API, so this might give us an excuse. Thanks again.