| Description | This article describes how to add subnets bypass in the FortiSASE. |
| Scope | FortiSASE. |
| Solution |
The FortiSASE default route goes to SIA, but in the below situation: The PC IP address is 192.168.1.1/24, while the printer IP address is 192.168.2.1/24. The printer is unreachable once the SIA is connected.
In this case, the subnet 192.168.2.0/24 should be bypassed and routed by the local gateway. In the FortiSASE customized profile, there are only three types of bypass:
Infrastructure, FQDN, Local Application:
The subnet can only be available in the default profile:
All profiles will apply once the bypass subnets are configured in the default profile, but it is greyed out and read-only:
The PC can reach the printer once the bypass subnet 192.168.2.0/24 is added.
The FortiClient config can be found in:
C:\Users\"username"\AppData\Local\FortiClient\fortisslvpn_xml.txt
It includes the below:
<split-tunnel-info negate='1'><addr ip='192.168.2.0' mask='255.255.255.0' /></split-tunnel-info>
The 192.168.2.0 255.255.255.0 goes to the local gateway and can also be found in the local PC 'route print'. |
Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Spring Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDirector
- FortiDevSec
- FortiEdgeCloud
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiGuest
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiSRA
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiScan
- FortiSandbox
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiWAN
- FortiToken
- FortiVoice
- FortiWeb
- FortiAppSec Cloud
- RMA Information and Announcements
- Lacework
- Wireless Controller
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiSASE
FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations.
- Fortinet Community
- Knowledge Base
- FortiSASE
- Technical Tip: How to apply bypass subnet in the F...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.