New Contributor II

L2TP on FortiGate 5.6 with Split Tunneling



I configured my L2TP with the link below and it's working fine.

It created two rules automatically. One with traffic going to internal, and strangely it has NAT enabled in this case.

The second rule it created is for the L2TP interfaces to the Internet, without NAT and with only the L2TP service. Maybe it's some default thing, but I changed it to enable NAT, and I think I also changed its service from L2TP to ALL, and I can browse, but I want that traffic to go out directly rather than via the firewall.

So kind of Split Tunneling for SSL VPN. How can I achieve that?




New Contributor

Same problem. Thanks to anyone who can give us a tip.

This is my route table while L2TP is up: (   4250         On-link       26


I have a rule to permit the l2tp network to wan, without solution :(


Hey guys, to get the split tunneling feature there is no way to configure it from the FortiGate side like on VPN SSL. The way to get it is directly on the Windows client. You have to go to the VPN connection adapter in Control Panel\Network and Internet\Network Connections\VPN_name > Right Click > Properties > Networking > Internet Protocol Version 4 (TCP/IPv4) > Properties > Advanced ... > Uncheck (Use default gateway on remote network)


Hope this is helpful!!!
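
The client-side change described in the post above, as an added PowerShell example that is not part of the original thread. It assumes the built-in Windows VPN client and a per-user connection named VPN_name; the internal prefix is a placeholder, not a value from this thread.

```powershell
# Added example: enable split tunneling on a Windows L2TP connection.
# Assumptions: the connection is named 'VPN_name' (as in the post) and is a
# per-user connection; add -AllUserConnection to each cmdlet if it is not.
$VpnName        = 'VPN_name'
$InternalPrefix = '192.0.2.0/24'   # PLACEHOLDER: network behind the FortiGate

# Fail early if the connection does not exist.
$vpn = Get-VpnConnection -Name $VpnName -ErrorAction Stop
if ($vpn.TunnelType -ne 'L2tp') {
    Write-Warning "Connection '$VpnName' uses tunnel type $($vpn.TunnelType), not L2TP."
}

# Same effect as unchecking "Use default gateway on remote network":
# the default route stays on the local gateway instead of the tunnel.
if (-not $vpn.SplitTunneling) {
    Set-VpnConnection -Name $VpnName -SplitTunneling $true
}

# Once the default route is off the tunnel, the internal network needs an
# explicit route, otherwise only the class-based route for the assigned
# address is installed when the connection comes up.
try {
    Add-VpnConnectionRoute -ConnectionName $VpnName `
                           -DestinationPrefix $InternalPrefix `
                           -ErrorAction Stop
} catch {
    # Typically raised when the route is already attached to the connection.
    Write-Warning "Route $InternalPrefix was not added: $($_.Exception.Message)"
}

# Show the resulting state; reconnect the VPN for the change to take effect.
Get-VpnConnection -Name $VpnName |
    Select-Object Name, TunnelType, SplitTunneling, ConnectionStatus
```

With split tunneling on, the client's Internet traffic no longer passes through the FortiGate, so firewall policies, inspection and logging on the FortiGate do not apply to it.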

New Contributor III


config vpn ipsec phase1-interface
    edit "Dialup_IPsec"
        set ipv4-split-include "Internal_Network"     /* Local protected network that the remote dial-up IPsec clients reach */


If you haven't come across the above article, it may contain your solution.

New Contributor

The suggested document only works for IPsec, not L2TP. 
