Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor III

No internet access the user when connected on the Forti Client VPN (IPSEC)

Hi Guys,


I have concern on the VPN Setup, I already setup the IPSEC, I already connected on the VPN IP SEC but this setup is not enable the Split Tunnel so I will access the internet connection on the internet network. after that 

I tried to enable the split tunnel then disabled the policy regarding the VPN to internal internet connection.

When I connected on the VPN i can access the internal site but I can access the internet even the


May I know the cause why I can access the internet during VPN IP Sec.


Thank you and Happy Easter Sunday!


Hi Francisco

In addition to enabling split tunnel in your FG's IPsec config wizard, make sure your IPsec related firewall policy doesn't use "All" as destination, you must use a specific destination range or subnet instead (e.g.: server subnet).


Hi @clfrancisco ,


Please make sure you have two firewall policies at least in Fortigate.

1. vpn to lan

2. vpn to wan


you can take sniffer to check traffic flow while pinging on :

dia sniffer packet any ' host and icmp ' 4 0 l



Rajan Kohli




Rajan Kohli
New Contributor III

When using FortiClient VPN (IPSEC), it is possible that the split tunneling setup did not work as expected, resulting in Internet access through the VPN. Ensure that traffic routing policies are configured correctly so that traffic to internal resources goes through the VPN, and traffic to public resources goes directly. Check the routing settings on the VPN gateway side and the routing settings on the user's computer.


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors