we're using a FortiGate 100E (v6.0.2 build0163 (GA)) with SSL VPN configured. Remote clients are assigned the entire 10.0.95.0/24 subnet while LAN 192.168.1.0/24 subnet.
No troubles for the remote subnet to access the internal LAN but cannot find a way to make internal LAN access SSL clients. I've tried to set a specific policy to enable traffic from LAN to SSL subnet but it seems to be ignored. Also, the route isn't correct because if I make a tracert from an internal LAN device pointing to a remote client it seems that the FortiGate sends the packet to the outside instead of redirecting them to the remote client through the tunnel interface. What I am missing?
This is the policy that I tried: