Skip to main content
Andregyn
Andregyn
New Member
August 28, 2020
Question

PC losing internet connectivity while using FortiClient

  • August 28, 2020
  • 2 replies
  • 68064 views

Hi Guys, 

I hope can help me find a solution for the issue that I am having while using Fortigate email two-factor authentication in a IPSEC VPN. 

The problem is when a user clicks on connect in Forticlient the PC loses internet connectivity and FortClient stays waiting for the email code that was sent to the user email address, but the user can access their email because they are without internet connectivity on the PC.

I am using slipt tunnelling, this does not make sense, because they need the token to connect to VPN but they don't have internet connectivity until they log into the VPN.

Testing the access getting the token using my mobile phone, the VPN connection works how it should, and it does not redirect the default gateway to the VPN, only the slipt tunnelling routes are added to the PC.

I hope someone can help with this inconvenient problem.

Thanks for your help.

    2 replies

    bbilut
    bbilut
    New Member
    August 28, 2020

    sounds like maybe your split tunnel is now working. I'd see if you can do a route print on the PC and look at your routes.

      Andregyn
      AndregynAuthor
      New Member
      August 28, 2020

      Hey, 

      I already checked that, until I type the token no routes are added to the PC routing table, everything remains the same, my default route still my home router, but I can not ping wherever I try to, I can´t ping even my router IP.

      MY PC still without an internet connection or LAN connection until I type de Token to validate the VPN access.

      My PC stops reply ping, I left another PC pinging my LAN IP and as soon I click to connect in FortClient My PC stops pinging in my on Lan, very weird.

      Without two-factor authentication, the same happens but, is very fast, only one ping is lost during the VPN connection, in this scenario the default route is not the IPSEC VPN too. 

      I´ve noticed though even I can not access the internet, I still able to resolve domain names. 

      bbilut
      bbilut
      New Member
      August 28, 2020

      I know with the Forticlient everything default using IPsec the PC will loose access to the local lan devices. You can change this in the xml code settings, but by default it blocks communication with all devices on local lan while connected for security reasons. Can you ping 8.8.8.8?

        ddemetriou
        ddemetriou
        New Member
        August 2, 2024

        Hi guys!! we are doing this procedure and it works smoothly. The problem is that customer came with a request to use vpn over android phones. It seems that there is no config file on android os. Is there anyone who did email 2fa vpn over android os? How did you do it?

        Terms & ConditionsAccessibility statement