I have a situation affecting some Dell Latitude Laptops (54xx series).
When the VPN is established, there is an incorrect routing entry in the Windows 10 table for our LAN resources where the Gateway points to the IP address of the users home router rather than the VPN interface IP.
Manually deleting the route fixes the issue but that requires elevated privileges so not practical.
Ticket officially logged but just wondering if anyone has experienced this before?
The only way around is to create some sort of windows scheduled task that will run the delete route command with elevated permissions.
The problem I am having with this is to capture the right trigger as the VPN is established, either in event viewer or some process running in Task Manager.
Can anyone help with identifying any of the above as well?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hey Icebun,
I can't say that I've ever come across such an issue before - I'm sometimes using a Dell Latitude (though 74xx series) myself, with Windows 10 and FortiClient 7.0.2, and not having any issues.
Are you using split-tunneling? I'm not; my default route is through VPN when that's up and running (with metric 1 - the local WiFi default route is metric 50), and traffic is being routed exactly as intended.
Hi Debbie,
Yes we are using Split Tunnelling and the issue is only specific to new Dell Laptops.
Another option I am currently exploring is maintaining Split Tunnelling but on the FortiGate FW, explicitly add in all the Routing Addresses under
VPN > SSL-VPN-Portals > Routing Address
Using Cloud EMS so only running 6.4.x FortiClient as the latest.
I recommend you do it this way.
SSL-VPN Portal
Split tunneling>>>Enabled Based on Policy DestinationDNS Split Tunneling>>>DNS Split Tunneling
The FortiClient network driver will intercept DNS requests; if they match the split-dns listed, the DNS request will go across the tunnel and be resolved by the specified DNS servers.
It works well with me.
Take into consideration that FortiClient gets the configuration during it connects. If you do changes disconnect and connect again.
Sorry, words were joined.
SL-VPN Portal
Split tunneling>>>Enabled Based on Policy Destination
DNS Split Tunneling>>>DNS Split Tunneling
I followed this
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Split-DNS-support-for-SSL-VPN/ta-p/194766
Hello, i had problem too, i resolve after remove sofware include in image base DELL.
Go in programs and features , and remove Software Connectexpress drivers of "rivet software"
I could hug you right now!!! I've spent hours looking for a resolution to this. I went ahead and uninstalled Dell Optimizer which in turn removed the ExpressConnect Drivers and Services.
Good one @Patrick42110 . How did you find this was the RC?
Thanks everyone for the replies.
@Patrick42110 it is interesting to know about the Connect Express Driver for the future.
In the end, I had to hard code the Routing Addresses as shown here which resolved my issue.
Interestingly I had to do the same thing and manually specify individual routing addresses. When adding the entire subnet (as was defined in the rules anyway), it didn't work.
Worth noting the two users I had this problem with were also using Dell laptops.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.