Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
djwilliams
New Contributor II

Fortiguard unreachable with full IPSEC tunnel

I have a device providing a full PTP IPSEC tunnel back to the main office. The problem that we have run into is that access to Fortiguard seems to be broken with the full tunnel. Ideally we would like to tunnel everything EXCEPT Fortiguard traffic. Does anyone have an easy way to do that? I have tried rerouting or exempting specific IP addresses but the Fortigate uses a pretty long list of servers to communicate with Fortiguard and it doesn' t seem like they all perform the same function and the more I specify FDN as a list of IPs the more this solution feels like a hack that could break the minute Fortiguard makes FDN changes.
Network Engineer
Network Engineer
0 REPLIES 0
Labels
Top Kudoed Authors