FortiClient VPN IPsec SAML and Microsoft Global Secure Access Client
Hello everyone,
I'm not sure if I'll get any help on this topic here, but I'll give it a try anyway.
We primarily use FortiClient VPN to establish a VPN connection to our Fortigate via IPsec using SAML.
Some employees who do not work in the company, but are mainly in the home office or work on the road, have the Microsoft Global Secure Access Client installed on their Windows devices.
The background is that the Microsoft 365 connections and web connections are tunneled via the Entra ID GSA without FortiClient VPN.
https://learn.microsoft.com/en-us/entra/global-secure-access/overview-what-is-global-secure-access
In exceptional cases, however, these employees may still require an IPsec VPN connection in order to access various VLANs behind the Fortigate.
The problem is as follows. The employee can connect to the FortiClient VPN, but the connection is terminated after approx. 10 seconds. Nothing can be seen in the FortiClient VPN for incoming traffic.
There is nothing useful in the FortiClient VPN log files.
If the Global Secure Access Client is disabled while connecting to the FortiClientVPN, or web filtering is disabled, the tunnel remains active. If the Global Secure Access Client is then enabled again, both will also work.
All internal subnets and the IP of the gateway are already set to Bypass in Entra ID, but unfortunately this does not change the behavior.
FortiClient VPN 7.4.2.1737
FortiGate 7.6
Tomorrow, I'll take a look at the FortiGate debug.
I have already opened a ticket with Microsoft, but have not yet received anything useful in return.
Thanks
Labels: FortiClient, FortiGate
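A client-side way to narrow down a tunnel that drops after roughly ten seconds is to sample, once per second, which local process owns the IKE (UDP 500) and NAT-T (UDP 4500) sockets and which interface the Windows routing table would currently use for an internal host. The script below is an added example, not something posted in this thread or shipped by Fortinet or Microsoft; the only assumptions are that the VPN uses the standard IKE/NAT-T ports and that `$InternalHost` is replaced with a real address behind the FortiGate (the value here is a placeholder).

```powershell
# Added diagnostic example (not from the thread). Run in an elevated PowerShell on the
# affected Windows client, start the FortiClient IPsec tunnel, and watch the lines around
# the moment the tunnel is torn down. Requires the built-in NetTCPIP module (Windows 10+).
param(
    [int]$Seconds = 40,
    # Placeholder: pick a host that should only be reachable through the tunnel.
    [string]$InternalHost = '192.0.2.10'
)

function Get-IpsecSocketOwners {
    # Lists the processes holding the IKE (500) and NAT-T (4500) UDP sockets.
    Get-NetUDPEndpoint -ErrorAction SilentlyContinue |
        Where-Object { $_.LocalPort -in 500, 4500 } |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            $name = if ($proc) { $proc.ProcessName } else { 'pid ' + $_.OwningProcess }
            '{0}:{1}={2}' -f $_.LocalAddress, $_.LocalPort, $name
        }
}

function Get-RouteFor {
    param([string]$Address)
    # Find-NetRoute returns a source-address object and a route object; keep the route.
    $route = Find-NetRoute -RemoteIPAddress $Address -ErrorAction SilentlyContinue |
        Where-Object { $_.PSObject.Properties['DestinationPrefix'] } |
        Select-Object -First 1
    if ($route) { '{0} via {1}' -f $route.DestinationPrefix, $route.InterfaceAlias } else { 'no route' }
}

$start = Get-Date
while (((Get-Date) - $start).TotalSeconds -lt $Seconds) {
    $stamp   = (Get-Date).ToString('HH:mm:ss')
    $sockets = (Get-IpsecSocketOwners) -join '; '
    $route   = Get-RouteFor -Address $InternalHost
    "$stamp  route: $route  udp500/4500: [$sockets]"
    Start-Sleep -Seconds 1
}
```

If the route entry for the internal host disappears at the same second the UDP 500/4500 sockets change owner or vanish, the drop is happening on the client rather than on the FortiGate, which is what a comparison with the FortiGate-side IKE debug should confirm or rule out.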
Hello @MZBZ
I have set the NAT traversal on the FortiGate side from "Enabled" to "Forced".
On the FortiClient VPN side, the value for Encapsulation is already set to "Auto".
Unfortunately no success. :\
I could imagine that this is possibly because the Global Secure Access Client does not yet support UDP at all.
