FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 222292



This article describes about an issue where after connecting to SSLVPN via FortiClient, users may experience connection issues for up to 10 minutes on Dell laptops with Windows 10/11.

This affects both setups with split-tunneling enabled, where FortiClient pushes the split subnets to the Windows routing table, and setup where all user traffic is sent to the tunnel.




- FortiClient 6.4, 7.0, FortiGate 6.4, 7.0

- Windows 10, Windows 11

- Dell laptops with Dell Optimizer software



When checking the routing table with route print in cmd, an extra route can be seen that points to the local gateway.

This can disrupt the connection to the internal DNS server and/or domain controller.


Example routing table right after connecting:


Network Destination | Netmask | Gateway | Interface | Metric  45  1  46 <--- Route injected via VPN but pointing to which is user local gateway

After routing update:


Network Destination | Netmask | Gateway | Interface Metric  50  1  2 <--- Route updated to SSLVPN gateway


To address this issue, uninstall Dell Optimizer or at least disable ExpressConnect: