Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yeagerrw
New Contributor

Fortigate SSL VPN Gateway IP on Forticlient PC

Hello on the forum!

 

We have a configuration need where the SSL VPN tunnel mode user gets assigned a single static IP assigned via the portal when they sign in, and this IP must be the same with every login.  The appropriate IPs assign correctly among the different users logging in, but I noticed with split tunneling turned off, the VPN assigns a gateway on the Forticlient PC incremented +1 from their fourth octet on the IP.

 

For example: user gets assigned 192.168.1.1, and the gateway on the Forticlient PC = 192.168.1.2 and so forth (IPs used are just examples).

 

I've noticed that turning on split tunneling eliminates this gateway, but we don't want these clients to have internet access.

 

In the Addresses assigned through the VPN portals, I've tried assigning: a subnet = 192.168.1.1/32, and an IP range = 192.168.1.1 - 192.168.1.1 with no prevail.  I've even tried configuring ippools with no prevail.

 

I do have a static route in the firewall SSL interface pointing to our router.

 

Any insight on getting rid of this virtual gateway would be appreciated!

 

Thank you.

0 REPLIES 0