Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Alan3
New Contributor

Created on ‎03-20-2025 01:00 AM

IOS Forticlient VPN issue

I have downloaded FortiClient VPN from the iOS App Store. However, after connecting to the VPN, I found that the internet is not working. On the other hand, it works fine on the Android platform. I would like to ask if you can help resolve this issue.

Labels:
108
0 Kudos
1 REPLY 1
Durga_Ashwath
Staff
Staff

Created on ‎03-21-2025 02:19 AM

Hi Customer,

Please do follow the below steps :

1. Check Split Tunneling Configuration
If Split Tunneling is Enabled:

Go to VPN → SSL-VPN Settings in FortiGate.
Under "Tunnel Mode Client Settings," check if "Split Tunnel" is enabled.
Ensure that the required networks are included in the routing address list.
If only specific subnets are defined, add the 0.0.0.0/0 route to allow internet traffic.
If Split Tunneling is Disabled:
Check if the FortiGate firewall is allowing internet traffic from VPN users.

2. Verify Firewall Policy for VPN Traffic
Go to Policy & Objects → Firewall Policy
Check if there is a policy allowing SSL-VPN users to access the internet.
Source: SSL-VPN users (e.g., ssl.root interface)
Destination: all (or required internet destinations)
Service: ALL (or required services)
Action: Accept
NAT: Enable NAT

3. Check DNS Configuration
If DNS settings are not properly configured, iOS devices may not resolve domain names.
Go to Network → DNS
Set appropriate DNS servers like:
Google DNS: 8.8.8.8, 8.8.4.4
Cloudflare DNS: 1.1.1.1, 1.0.0.1
Apply the DNS settings to SSL-VPN clients under VPN → SSL-VPN Settings
Specify DNS servers under "DNS Server" for clients.

4. Check Routing Issues
Go to Monitor → Routing Monitor
Verify if there is a valid route for 0.0.0.0/0 pointing to the correct gateway.
If there is no default route, add it manually using:
config system virtual-wan-link
set load-balance-mode source-ip-based
end

5. Debug SSL-VPN Logs on FortiGate
To check for errors when an iOS device connects:
diagnose debug enable
diagnose debug console timestamp enable
diagnose debug application sslvpn -1
Look for any issues related to the user's VPN session.

6. Test by Manually Setting DNS on iOS
Go to Settings → Wi-Fi → Select your network → Configure DNS → Manual
Add 8.8.8.8 and 8.8.4.4
Save and reconnect to VPN.

7. Try Different Encryption Algorithms
Some iOS versions may have compatibility issues with certain encryption settings.
Go to VPN → SSL-VPN Settings
Under "Cryptographic Settings," change encryption to:
AES256-SHA256 (recommended)
Avoid deprecated algorithms like 3DES

8. Ensure FortiClient is Updated on iOS
Ensure you are using the latest version of FortiClient VPN from the App Store.
Sometimes, a reinstallation helps resolve the issue.
You may also refer the below article:
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Lost-internet-connection-when-connec...

Regards,
Durga A


69
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.