Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

O365 and URL split VPN on Forticlient

Good Morning, your views and advice on this would be gratefully received. I confess to not being a firewall engineer, am an ex wintel engineer, now wearing a suit, trying to comprehend solutions/options to improve the experience for colleagues that are working from home.


I have Fortigates at all 8 sites (in HA at 3). Ranging from 60E to 100F devices with EMS.

This particular scenario is a 100F (in HA) running 6.2.3 at the Office and the Remote (home) users using Forticlient (v6)  SSL VPN (with Radius/2factor) to connect into the Office. Current configuration is that all traffic is sent down the Forticlient VPN to the Office Fortigate.


Original plan

Stage 1. Push Office365 traffic out locally (avoid the VPN) - Stage1 has the biggest improvement for the staff.

Stage 2. Push web traffic (with exceptions) out locally.


Issues - my web resources that must be routed through the VPN (IP restriction on web service) has a changing IP - we connect via URL and the IP changes as boxes are brought on/taken off. This is a core line of business application.


Is it possible to set this up so that O365 traffic exits locally for our home users and secondly that the web traffic can be directed up the VPN based on URL?


Be gentle!


Top Kudoed Authors