Hi Guys,
I have a concern about the VPN setup. I already set up the IPsec VPN and I am already connected to it, but this setup does not have split tunnel enabled, so I will access the internet connection on the internet network. After that,
I tried to enable split tunnel and then disabled the policy for the VPN to internal internet connection.
When I am connected to the VPN I can access the internal site, but I can access the internet, even google.com.
May I know why I can access the internet while on the IPsec VPN?
Thank you and Happy Easter Sunday!
Hi there,
Please see if the article here fixes your issues.
Hi Francisco
In addition to enabling split tunnel in your FG's IPsec config wizard, make sure your IPsec related firewall policy doesn't use "All" as destination, you must use a specific destination range or subnet instead (e.g.: server subnet).
Hi @clfrancisco ,
Please make sure you have at least two firewall policies on the FortiGate:
1. vpn to lan
2. vpn to wan
You can take a sniffer trace to check the traffic flow while pinging 8.8.8.8:
dia sniffer packet any ' host 8.8.8.8 and icmp ' 4 0 l
Regards
Rajan Kohli
When using FortiClient VPN (IPSEC), it is possible that the split tunneling setup did not work as expected, resulting in Internet access through the VPN. Ensure that traffic routing policies are configured correctly so that traffic to internal resources goes through the VPN, and traffic to public resources goes directly. Check the routing settings on the VPN gateway side and the routing settings on the user's computer.
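One way to check the point raised in the replies above (the IPsec firewall policy should use a specific destination rather than "all"), as an added example that is not part of the original thread and not Fortinet tooling: it parses a `config firewall policy` excerpt and lists accept policies sourced from the tunnel interface whose `dstaddr` is `all`. The sample config and the names `ipsec-dialup`, `internal`, `wan1` and `server-subnet` are constructed assumptions.

```python
import re

# Constructed FortiGate policy excerpt (not from the thread). Interface and
# address names ("ipsec-dialup", "server-subnet", ...) are assumptions.
SAMPLE_CONFIG = """
config firewall policy
    edit 10
        set srcintf "ipsec-dialup"
        set dstintf "internal"
        set dstaddr "server-subnet"
        set action accept
    next
    edit 11
        set srcintf "ipsec-dialup"
        set dstintf "wan1"
        set dstaddr "all"
        set action accept
    next
    edit 12
        set srcintf "internal"
        set dstintf "wan1"
        set dstaddr "all"
        set action accept
    next
end
"""

def parse_policies(config_text):
    """Return {policy_id: {setting: [values]}} for 'config firewall policy'."""
    policies, current, in_block = {}, None, False
    for line in map(str.strip, config_text.splitlines()):
        if line in ("config firewall policy", "end"):
            in_block = line != "end"
        elif in_block and line.startswith("edit "):
            current = policies.setdefault(line.split()[1], {})
        elif in_block and current is not None and line.startswith("set "):
            key, _, rest = line[4:].partition(" ")
            # Values are quoted strings or bare tokens, possibly several.
            current[key] = [q or b for q, b in re.findall(r'"([^"]*)"|(\S+)', rest)]
    return policies

def broad_vpn_policies(config_text, tunnel_intf):
    """IDs of accept policies sourced from the tunnel with destination 'all'."""
    return [pid for pid, p in parse_policies(config_text).items()
            if tunnel_intf in p.get("srcintf", [])
            and p.get("action") == ["accept"]
            and "all" in [v.lower() for v in p.get("dstaddr", [])]]
```

Calling `broad_vpn_policies(SAMPLE_CONFIG, "ipsec-dialup")` flags policy 11 only; policy 10 has a specific destination and policy 12 does not originate from the tunnel.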
Copyright 2025 Fortinet, Inc. All Rights Reserved.