Hi All,
We have followed this article to set FQDN access using Split tunnel:
The users are able to access the FQDN thought the split-tunnel as expected.
However we noticed that MAC users are unable to browse internet while connected with FortiClient.
While looking into this we noticed that both Windows users and MAC users get a new default route when connecting with FortiClient.
But while Windows users are still able to browse the internet, MAC users are not.
First screenshot is from Windows user with FortiClient connected, this user is still able to browse the internet although the new default route:
Second screenshot is from MAC user, before and after FortiClient connected,
Once the FortiClient is connected this user is unable to browse the internet:
Any advice? tnx
Thank you AEK, will do.
Hi @yanivg11,
Can you show the firewall policy with FQDN configuration? What is the FortiGate and FortiClient version?
Regards,
Created on 02-20-2024 09:49 AM Edited on 02-20-2024 09:52 AM
Hi hbac, thank you for your reply.
I can show my policy without the FQDN entries, I have checked them all and all resolve to specific IP addresses:
Forti version 7.2.3
FortiClient version 7.0.9.0493
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.