Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Max2
New Contributor II

Lost internet connection when using forticlient

Hello, this is the first time I use Forticlient.

When I establish a VPN connection, I can reach the server but I can't navigate internet from my PC.

Is there a way to solve this issue without make changes on the Forticlient server side?

 

I'm using Windows 10.

Please, give me puntual instructions as I am not expert in configuring net and firewalls.

Thank you

2 Solutions
sw2090
Honored Contributor

Open a cmd window with administrator privilleges. You need them to add/delete routes later on.

before you connect the vpn execute a "route print" in there and look for the Traget "0.0.0.0" - this is your default route. Note down the ip in the column "gateway" there.

Connect the vpn and then execute "route print" in the cmd again. You should notice that the gateway (and interface) for the default route has changed. Als note down that gateway ip.

Then do a "route delete 0.0.0.0" (I think "route delete default" might do aswell but not sure).

Then do a "route add 0.0.0.0 MASK 0.0.0.0 <gateway ip you noted down before connecting vpn>"

At this point you should regain internet connectivity again.

To still be able to reach to your compan servers you might have to analoguely add a static route to the company subnet with corret subnetmask and the gateway you noted after connecting the vpn.

You don't need to enter interface or metric here.

 

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

View solution in original post

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
sw2090
Honored Contributor

that depends on your company :)

As said you should note down the default gateway before AND after connecting the vpn so you have the ip.

Then it would be "route add <yourcompanysubnet> MASK <subnetmask> <gateway ip after connecting the vpn>"

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

View solution in original post

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
11 REPLIES 11
sw2090
Honored Contributor

that depends on your company :)

As said you should note down the default gateway before AND after connecting the vpn so you have the ip.

Then it would be "route add <yourcompanysubnet> MASK <subnetmask> <gateway ip after connecting the vpn>"

-- 

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

-- "It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Max2
New Contributor II

Thank you very much!

Labels
Top Kudoed Authors