I have a pair of Fortigate 60F's, one is in the USA and one is in the UK. I have a Site to Site VPN currently setup but it is a Split Tunnel so all of the web traffic goes through the respective ISP's.
What I want to do is force all of the UK Web traffic to go through the VPN to the US but allow all other traffic to go through the UK isp so I don't have the added latency.
Is there a way to dictate via policy that the traffic of a specific domain/website go over the VPN or even all http/https traffic go over the vpn while everything else is left alone?
I'm being told by TAC that the Phase 2 Selectors have to be changed to show 0.0.0.0 rather than the defined subnet...so that everything goes through the tunnel and not just traffic that matches the remote subnet destinations. Then some policy based entries. Not sure if it'll work but i'm going to give it a try.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.