In some cases, the error message may be seen 'Your device may not support more than 30 routes' while using split tunneling.

Symptoms that may be seen with pushing many routes to the client are:

1. FortiClient may disconnect after a few seconds.
2. VPN traffic will not flow.
3. Routes may be missing

If this is the case try the following suggestions:

1. Route Summary.

As an example, a split tunnel address group has the following networks:

• 10.0.1.0/24.
• 10.0.2.0/24.
• 10.0.3.0/24.

The following addresses can be summarized as:

• 10.0.1.0/22

If SSL VPN is being used check the routing address override under VPN -> SSL VPN Portal -> Routing Address Override. Or, if there is no routing address override check the SSL VPN firewall policy.

If IPSec is being used check the split tunneling networks under VPN -> IPSec Tunnels -> Network -> IPv4 split tunnel.

2. Full Tunnel.

When using a full tunnel the route 0.0.0.0/0 will be pushed to the device's routing table when they connect to the SSL VPN.