Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
speedy96
New Contributor

Created on ‎09-20-2023 08:01 AM

Native Windows VPN and local Lan access

Hi All

I have manged to setup a windows native VPN connection to my FortiGate and also gain internet access via the VPN which is all great. However I was hoping by unticking  "use default gateway on remote network" on the windows VPN interface it would then allow me to browse the internet and access local resources on the LAN I am connecting from. Unfortunately this does give me local internet and resource access back but I lose connection to the remote LAN behind the FortiGate VPN. Is it possible to have access to both via the windows VPN client?

 

I hope that makes sense and many thanks for your help

 

Kind Regards

 

Speedy

Labels:
7400
0 Kudos
2 Solutions
kajlasunil
Staff
Staff

Created on ‎09-20-2023 11:04 AM

Hi @speedy96  https://community.fortinet.com/t5/FortiGate/Technical-Tip-Split-tunneling-on-L2TP-IPSEC-VPN-between/... Please have a look on this KB.

 

This indeed worked in my lab

ks

View solution in original post

7352
0 Kudos
kajlasunil
Staff
Staff

Created on ‎09-20-2023 11:25 AM Edited on ‎09-20-2023 11:25 AM

In the VPN itself, there is no split tunnel option for L2TP. However, it is achievable by making certain changes to the DHCP parameters (indirect way to configure split tunnel)

ks

View solution in original post

7341
0 Kudos
13 REPLIES 13
speedy96
New Contributor
In response to kajlasunil

Created on ‎09-20-2023 03:09 PM

Hi KS,

I have followed the article but I am stuck when assigning the dhcp server. It will not let me use zero's as specified in the article. see screenshot, any ideas?

 

fortinet.jpg

 

 

 

1464
0 Kudos
speedy96
New Contributor
In response to kajlasunil

Created on ‎09-21-2023 05:14 AM

Hi KS,

I think I am nearly there on this. Although the routes don't seem to be coming through from the l2t.root interface. I'm pretty sure I have everything right, I even matched the configuration in the KB article and just added the routes for my internal LAN in the hexadecimal values. Any ideas where I may be going wrong?

 

fn1.jpgfn2.jpg

1459
0 Kudos
speedy96
New Contributor
In response to speedy96

Created on ‎09-21-2023 05:15 AM

Just to add if I manually add the routes from windows it works fine....

1458
0 Kudos
speedy96
New Contributor
In response to kajlasunil

Created on ‎09-21-2023 06:21 AM

KS,

I just wanted to say thanks so much for your help, I now have this working. It turns out I had calculated the Hex Values wrong. I googled for a different IP - Hex tool and it gave me the correct values and then the routes added perfectly and the split tunnel works like a charm. Thanks for all you help. Problem sorted :)

 

Speedy

1452
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.