SSL-VPN Tunnel Mode Connected but Cannot Access LAN Devices (FortiGate 60F, FortiOS 6.4.14)

Forum|Forum|3 months ago
February 9, 2026
1 reply
392 views

Hello,

We are using FortiGate 60F with SSL-VPN (tunnel mode), running FortiOS 6.4.14 build 2093 (GA).

VPN connects and assigns IP, but users cannot communicate with LAN devices.

What GUI settings should be checked to allow VPN users to access LAN?

Thanks.

funkylicious

SuperUser

hi,

what did you check?

do you have routes on the pc after connecting to the subnets/networks/hosts on the LAN? route print -4 in cmd should show

do you have firewall rules that grant access ?

"jack of all trades, master of none"

Syed5Author

Explorer

Thanks for your response.

Yes, I checked the routes using route print -4. The VPN adapter receives an IP 192.168.100.x, and the route for 192.168.100.0/24 is present.

However both the local LAN and the remote LAN are using the same subnet 192.168.100.0/24, which appears to be causing a routing conflict on the client side.

Regarding firewall policies, there is a policy allowing VPN to LAN with the appropriate source/destination interfaces and services enabled.

Could the overlapping subnet be the root cause in this case?

Thanks.

Syed5Author

Explorer

Just to add, this works on some devices but not on others. The devices where it works and where it doesn’t are at different locations.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded