gsi_mhorn
New Member
January 14, 2016
Question

FortiClient 5.4 on Windows 10 Connects but does not route Traffic over SSL VPN

  • January 14, 2016
  • 6 replies
  • 99383 views

I have several computers running Windows 10 with FortiClient version 5.4.0.0780. We are a consulting company and connect to one of our clients using an SSL VPN with the FortiClient per their IT Department. When connecting to the VPN, the connection appears to complete successfully, but once the connection is established, all network connectivity is lost. While connected you cannot reach anything on the internet by IP or DNS name nor anything on the other end of the VPN tunnel by IP or DNS name. You can ping the local IP address you are assigned by the VPN server. As soon as you disconnect from the VPN session your local network connectivity is restored.

 

I have read through the documentation and we are not connected to any other VPN clients when this happens.  We also do not have the Cisco VPN Client installed which is known to conflict with the Forticlient.   IPv6 was disabled during testing just to rule that out. 

 

Has anyone else experienced this issue and have a work around?  Since we don't own a Fortinet product and are just using the free Forticlient, I'm not able to open a ticket with support. 

 

Thanks for any assistance in advance!

Matt

    6 replies

    Terry
    New Member
    January 14, 2016

    Not sure why you're having an issue with the IPs at your client. Are they not "pingable"?

     

    As far as Internet and Local LAN access, the IT Department at your client has configured their Fortinet to disallow traffic outside of the client network, meaning that your consultants' local LAN and Internet access out have been disabled when connected to the client via VPN. In order to get that changed, you will need to request that your client's IT department enable traffic outside their network.

     

    This is not something you change, sorry.

    gsi_mhorn (Author)
    New Member
    January 19, 2016

    Thank you for the reply.  I should add that the problem I'm having does not appear to be that split tunneling is blocking my internet and local traffic.  The problem is when I'm connected to the VPN, no traffic is routing (no LAN, no Internet, no remote networks).  My work around for this is to use a Windows 7 VM and when connected using the same version of the Forticlient, I have no issues so I don't think it's a server side configuration.  While connected to the VPN on the Windows 7 VM, I can reach my LAN, Internet, and remote networks on the other side of  the tunnel.  It seems to be something specific to Windows 10.  Sorry if I didn't make that more clear in my initial post.  Do you have any other suggestions?

    rwpatterson
    New Member
    January 14, 2016

    The property you are describing is called split tunneling, where VPN traffic goes to your client's network while all other traffic is routed normally. That needs to be set up by the client's IT staff as stated by Terry@dci. They may have that in place for a reason. You'll have to work with them, since it's their firewall; Fortinet won't talk to you.

    gsi_mhorn (Author)
    New Member
    January 14, 2016

    Thank you for the reply.  I should add that the problem I'm having is not that split tunneling is blocking my internet and local traffic.  The problem is when I'm connected to the VPN, no traffic is routing (no LAN, no Internet, no remote networks).  My work around for this is to use a Windows 7 VM and when connected using the same version of the Forticlient, I have no issues.  While connected to the VPN on the Windows 7 VM, I can reach my LAN, Internet, and remote networks on the other side of  the tunnel.  It seems to be something specific to Windows 10.  Sorry if I didn't make that more clear in my initial post. 

    cmpan88_FTNT
    Staff
    April 20, 2016

    Do you have Dell VPN or DNE installed on the same machine? Those drivers might be conflicting. You may remove them to verify the issue.

    Aggromonster
    New Member
    January 20, 2016

    I have a similar and potentially related problem. I am attempting to connect to a client running a Fortinet Firewall.  The connection is made successfully, but I cannot reach any resource on their network.  I cannot even ping the IP of the DNS servers registered with the connection.

    Installing the Fortinet VPN client on a Windows 8.2 machine, it connects and network resources are available. I do have the Cisco VPN client installed but not active during the connection.  Have tried this on multiple Windows 10 machines (with differing levels of updates) with no success.

     

    Any resolution suggestions?  I also am not a Fortinet client and cannot create a support ticket.

    Aggromonster
    New Member
    January 20, 2016

    I am having a similar problem as well.  VPN SSL client connects, but no resources on the remote network are available.  Could not ping the IP addresses of the DNS servers registered with the connection.

     

    Using a Windows 8.1 machine, the VPN client works as expected.  Connects and resources are available.  Tried this from multiple Windows 10 machines with the same result on each.

    JohnAgora
    New Member
    January 20, 2016

    Have you checked your Windows network settings? Default gateway, etc.?

    If everything looks fine, some diagnose debug flow will help (on the firewall). If nothing relevant appears, try a Wireshark capture from your Windows 10 machine (to see where the traffic is going).
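
Added example, not part of the original thread: one way to carry out the client-side check suggested above, run in PowerShell on the Windows 10 machine while the SSL VPN is connected. The two addresses in `$Targets` are placeholders (assumptions); replace them with one Internet address and one address behind the tunnel.

```powershell
# Placeholder targets (assumptions): an Internet host and a host behind the VPN.
$Targets = @('203.0.113.10', '10.0.0.10')

# 1. Default routes ordered by effective metric (route metric + interface metric).
#    The lowest total is preferred; this shows whether the VPN adapter has
#    taken over the default route and which gateway it points at.
$ifMetric = @{}
Get-NetIPInterface -AddressFamily IPv4 |
    ForEach-Object { $ifMetric[$_.ifIndex] = $_.InterfaceMetric }

Get-NetRoute -AddressFamily IPv4 -DestinationPrefix '0.0.0.0/0' -ErrorAction SilentlyContinue |
    Select-Object InterfaceAlias, NextHop, RouteMetric,
        @{ Name = 'InterfaceMetric'; Expression = { $ifMetric[$_.ifIndex] } },
        @{ Name = 'EffectiveMetric'; Expression = { $_.RouteMetric + $ifMetric[$_.ifIndex] } } |
    Sort-Object EffectiveMetric |
    Format-Table -AutoSize

# 2. For each target, the source address and route Windows would actually select.
#    Find-NetRoute returns an IP address object and a route object.
foreach ($t in $Targets) {
    $result = Find-NetRoute -RemoteIPAddress $t -ErrorAction SilentlyContinue
    $addr   = $result | Where-Object { $_.IPAddress } | Select-Object -First 1
    $route  = $result | Where-Object { $_.NextHop }   | Select-Object -First 1
    if ($null -eq $route) {
        Write-Output "$t : no matching route in the table"
        continue
    }
    [pscustomobject]@{
        Target    = $t
        Interface = $route.InterfaceAlias
        SourceIP  = $addr.IPAddress
        Prefix    = $route.DestinationPrefix
        NextHop   = $route.NextHop
    }
}

# 3. DNS servers registered per interface, to compare against what the VPN pushed.
Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses } |
    Format-Table InterfaceAlias, ServerAddresses -AutoSize
```

Running the same commands before connecting and again while connected gives a baseline to compare against, and the selected interface and next hop tell you where to point a packet capture.
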

    xjkrcx
    New Member
    March 23, 2016

    Did anyone get a solution to this?  I'm encountering the same issue - the client connects but no remote resources are accessible.  Happening on Windows 10 and 8.1.  Windows 7 clients are fine, including a 7 VM running on 10.

    Ricky_Fleming
    New Member
    January 9, 2019

    I found that I could not use DNS mapping after connecting with VPN. I could not use \\Server\Files. I had to use \\10.2.0.0\Files. Appears to be a DNS issue that I can't figure out. The IP mapping works great so I will use that.