Bypass varies by access method.
For IPsec, perform an nslookup on the site and then setup a rule in the firewall/router to bypass the IP address of the site. The traffic to the site will not be placed into the IPsec tunnel.
Client Connector (Windows and Mac)/Explicit
Login to the service and go to Service > Network > Mobility > Bypass IP Address(es) | Edit IPs/Subnets > Add Bypass IPs. Enter the IP address and save the changes.
Have the proxy bypass the site. If this is an explicit proxy and you are using a proxy PAC file, add the site to the proxy.pac file. If this is a transparent proxy, add the address to the bypass list so it goes direct. You might need to change firewall and router rules to allow the clients to go direct to those sites.