Description
This article shows the steps to enable the split tunneling feature and route only internal traffic via the tunnel.
First configure the SSL-VPN tunnel portal that needs to have split tunneling enabled on. Navigate to VPN > SSL-VPN Portals > enable 'Tunnel Mode', select 'Enabled Based on Policy Destination'
Then enable the SSL VPN, navigate to VPN -> SSL VPN Settings, enable the SSL VPN, and specify the SSL VPN port in 'Listen on port'. Under Authentication/portal mapping, select the user/group and define the Portal that is configured above.
Then create a firewall policy that specifies 'Source' and 'Destination'.
In the field 'Source' specify the user group and the SSL VPN address range configured in the SSL VPN settings.
In the field 'Destination' specify the subnet that needs to have access to when connected over SSL VPN.
This will create a route of the destination subnet that will be injected to the client PC once it is connected over SSL VPN.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.