|
In certain countries or regions, government policies may restrict access to specific applications or web content, such as Facebook or YouTube.
In such cases, users often rely on SSLVPN full tunnel connections through FortiGates located in other regions to bypass these restrictions. While this method can be effective for general content access, it does not work for the Google Play Store on Android devices. Specifically, traffic to Google Play Store cannot be fully tunnelled in SSL VPN full tunnel mode, but still enters the underlay interface. Reference can be found at the end of the FortiClient Android Administration Guide: Connecting to the VPN
The root cause of this behaviour lies in how Google licenses content on the Play Store. Licensing is enforced on a per-country basis. For instance, if an app is licensed for use in select countries but not in Australia, users in Australia will be unable to download it.
To enforce these regional licensing policies, the Google Play Store blocks the installation of any app when it detects the use of a VPN on Android. This applies universally to all VPNs on Android devices, including FortiClient.
Meanwhile, in response to these restrictions, FortiClient for Android also includes a built-in exception that prevents the Google Play Store app from routing traffic through the SSLVPN when the full tunnel is applied. This ensures that users can continue to download apps that are licensed for their actual geographic location. Without this exception, users may be unable to download any apps at all while the VPN is active, even those that are permitted in their country.
So, in summary, using an SSL VPN or any VPN on Android devices will not allow users to bypass government-imposed restrictions on the Google Play Store enforced through local ISPs. VPNs also cannot bypass content restrictions based on Google’s geographic licensing policies.
This is a limitation imposed by Google and applies to all Android VPNs, not just FortiClient.
|
