chendewu_520
New Contributor II

I can access office network but cannot access internet after connecting FortiClient on Android phone

Background:

  • FortiGate version: 7.4.7
  • FortiClient version: 7.2.4/7.4.1/7.4.2
  • Android version: Android 9, Harmony 4.2, Xiaomi HyperOS 1.0.4.0

 

    1. I selected split tunnel mode, but the logs show that internet traffic is still being matched through the tunnel.

    2. I noticed that the default route is being pushed to the VPN interface, just like on wlan0. This may be causing internet traffic to go through the tunnel.

    3. I tested connecting to another FortiGate running version 7.4.8, and it pushed specific routes to the VPN interface.

    4. It might be a bug related to version 7.4.7, but I couldn't find any explanation or fix for it in the 7.4.8 Release Notes.

Jean-Philippe_P
Moderator

Hello chendewu_520, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Regards,

Jean-Philippe - Fortinet Community Team
Jean-Philippe_P
Moderator

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

Thanks,

Regards,

Jean-Philippe - Fortinet Community Team
Jean-Philippe_P
Moderator

Hello again,

 

I found this solution. Can you tell me if it helps, please?

 

It seems like you are experiencing an issue with split tunneling where internet traffic is incorrectly routed through the VPN tunnel. Here are some steps to troubleshoot and potentially resolve the issue:

 

  1. Verify Split Tunnel Configuration: Ensure that the split tunnel is correctly configured on the FortiGate. Check the VPN settings to confirm that only specific subnets are included in the tunnel, and internet traffic should be excluded.

  2. Check Route Configuration: Verify the route configuration on the FortiGate. Ensure that the default route is not being pushed to the VPN interface. This can be checked in the VPN settings under the phase 2 configuration.

  3. Compare with Working Configuration: Since you mentioned that connecting to another FortiGate running version 7.4.8 works correctly, compare the configuration of both FortiGates. Look for differences in the VPN and routing settings.

  4. Review FortiClient Configuration: Ensure that the FortiClient is configured to respect the split tunnel settings. Check the FortiClient logs for any discrepancies.

  5. Upgrade to Latest Version: If the issue persists, consider upgrading to FortiGate version 7.4.8, as it may contain fixes not documented in the release notes.

  6. Consult Fortinet Support: If none of the above steps resolve the issue, it may be a bug specific to version 7.4.7. Contact Fortinet Support for further assistance and to report the potential bug.

 

By following these steps, you should be able to identify and resolve the issue with split tunneling.

Regards,

Jean-Philippe - Fortinet Community Team
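
A check for the symptom discussed in this thread, added here as an example (it is not code from the poster, the moderator or Fortinet): it reads `ip route`-style text captured from the phone and reports whether the routes on the VPN interface amount to a default route (full tunnel) or only specific subnets (split tunnel). The interface names `tun0`/`wlan0`, the addresses and both sample tables are constructed assumptions; IPv4 only.

```python
import ipaddress

# Constructed sample: default route present on the VPN interface.
FULL_TUNNEL = """\
default dev tun0 scope link
default via 192.168.1.1 dev wlan0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
"""

# Constructed sample: only specific subnets on the VPN interface.
SPLIT_TUNNEL = """\
default via 192.168.1.1 dev wlan0
10.10.0.0/16 dev tun0 scope link
172.16.5.0/24 dev tun0 scope link
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.23
"""


def vpn_routes(route_text, vpn_dev):
    """Return the IPv4 destination networks routed via vpn_dev."""
    nets = []
    for line in route_text.splitlines():
        tok = line.split()
        if "dev" not in tok or tok.index("dev") + 1 >= len(tok):
            continue
        if tok[tok.index("dev") + 1] != vpn_dev:
            continue
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # e.g. "local"/"broadcast" route-type lines
        if net.version == 4:
            nets.append(net)
    return nets


def classify(route_text, vpn_dev="tun0"):
    """Classify the tunnel from the routes installed on the VPN interface."""
    nets = vpn_routes(route_text, vpn_dev)
    if not nets:
        return "no-vpn-routes"
    # Collapsing merges adjacent prefixes, so a default route split into
    # 0.0.0.0/1 + 128.0.0.0/1 is still recognised as covering everything.
    collapsed = list(ipaddress.collapse_addresses(nets))
    if ipaddress.ip_network("0.0.0.0/0") in collapsed:
        return "full-tunnel"
    return "split-tunnel"
```
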