Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Support Forum
- Re: Restrict VIPs to SSL VPN Users (Split Tunnel)
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Restrict VIPs to SSL VPN Users (Split Tunnel)
Hello,
Is it possible to restrict VIP objects to only SSLVPN users with split tunnelling enabled? I used the following KB article but it did not seem to work. The FortiGate we are using is 7.2.
The VIP uses a public IP address to map to an internal IP address.
Labels:
- Labels:
-
FortiGate
-
Virtual IP
- « Previous
-
- 1
- 2
- Next »
10 REPLIES 10
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just a quick update. Thank you, @Christian_89, I tried what you suggested (minus the diagnostics) but it didn't work. I am going to repeat again w/ the diagnostics when time allows to see if I can isolate the issue.
As a temporary workaround, I enabled DNS on the split tunnel and associated the public hostname w/ an internal IP address that is listed on one of the internal LAN DNS servers. It works for now and for the couple of times it hasn't, asking the user to disable IPv6 on the FortiClient network connection seems to resolve the issue.
- « Previous
-
- 1
- 2
- Next »
Labels
-
FortiGate
10,210 -
FortiClient
2,078 -
FortiManager
864 -
5.2
687 -
FortiAnalyzer
668 -
5.4
638 -
FortiSwitch
564 -
FortiAP
546 -
FortiClient EMS
530 -
6.0
416 -
IPsec
370 -
FortiMail
363 -
5.6
362 -
SSL-VPN
353 -
FortiNAC
260 -
6.2
251 -
Fortiweb
247 -
FortiAuthenticator v5.5
234 -
SD-WAN
178 -
FortiAuthenticator
164 -
FortiGuard
159 -
5.0
152 -
Firewall policy
130 -
6.4
128 -
FortiCloud Products
114 -
FortiGateCloud
113 -
FortiSIEM
110 -
FortiGate-VM
110 -
FortiToken
108 -
Customer Service
107 -
Wireless Controller
96 -
High Availability
82 -
FortiProxy
76 -
ZTNA
70 -
Fortivoice
69 -
Routing
69 -
VLAN
69 -
FortiEDR
68 -
DNS
67 -
FortiADC
66 -
SAML
64 -
Authentication
62 -
BGP
62 -
Certificate
58 -
radius
57 -
FortiSandbox
53 -
SSO
52 -
FortiLink
52 -
LDAP
52 -
FortiExtender
51 -
NAT
50 -
4.0MR3
49 -
Application control
46 -
FortiDNS
43 -
VDOM
41 -
Interface
40 -
Logging
39 -
FortiGate v5.4
38 -
FortiSwitch v6.4
38 -
Virtual IP
38 -
Web profile
37 -
API
36 -
FortiConnect
34 -
FortiWAN
32 -
FortiPAM
32 -
FortiConverter
31 -
SSL SSH inspection
31 -
RMA Information and Announcements
28 -
FortiGate v5.2
27 -
Automation
27 -
Static route
25 -
FortiPortal
24 -
Traffic shaping
24 -
SSID
24 -
FortiSwitch v6.2
23 -
System settings
23 -
FortiGate Cloud
22 -
SNMP
22 -
WAN optimization
21 -
FortiMonitor
20 -
OSPF
19 -
Web application firewall profile
19 -
Web rating
18 -
IP address management - IPAM
18 -
FortiSOAR
17 -
Admin
17 -
Security profile
17 -
FortiAP profile
17 -
FortiDDoS
16 -
Antivirus profile
16 -
FortiCASB
15 -
Proxy policy
15 -
FortiGate v5.0
14 -
IPS signature
14 -
Explicit proxy
13 -
Traffic shaping policy
13 -
Intrusion prevention
13 -
FortiManager v4.0
12 -
FortiDeceptor
12 -
NAC policy
12 -
Traffic shaping profile
12 -
Port policy
12 -
FortiManager v5.0
11 -
FortiAnalyzer v5.0
11 -
FortiWeb v5.0
11 -
FortiBridge
11 -
FortiRecorder
11 -
FortiAI
11 -
DNS filter
11 -
Fabric connector
11 -
Trunk
10 -
Users
10 -
Application signature
10 -
Fortinet Engage Partner Program
10 -
FortiGate v4.0 MR3
9 -
FortiCache
8 -
FortiToken Cloud
8 -
Authentication rule and scheme
8 -
Vulnerability Management
8 -
4.0
7 -
4.0MR2
7 -
Packet capture
7 -
VoIP profile
7 -
Cloud Management Security
7 -
FortiCarrier
6 -
FortiScan
6 -
FortiDirector
6 -
DLP profile
6 -
DLP sensor
6 -
DoS policy
6 -
FortiHypervisor
5 -
FortiNDR
5 -
FortiTester
5 -
Internet service database
5 -
Email filter profile
5 -
Protocol option
5 -
3.6
4 -
DLP Dictionary
4 -
File filter
4 -
Netflow
4 -
TACACS
4 -
Replacement messages
4 -
SDN connector
4 -
Service
4 -
Multicast routing
4 -
FortiDB
3 -
FortiCWP
3 -
Kerberos
3 -
Multicast policy
3 -
FortiInsight
2 -
Video Filter
2 -
Schedule
2 -
ICAP profile
2 -
Zone
2 -
FortiEdge Cloud
2 -
FortiGuest
2 -
4.0MR1
1 -
FortiManager-VM
1 -
Subscription Renewal Policy
1 -
GPRS Tuneling Protocol
1 -
Virtual wire pair
1 -
Lacework
1 -
FortiEdge
1 -
FortiAIOps
1
Top Kudoed Authors
| User | Count |
|---|---|
| 2428 | |
| 1303 | |
| 778 | |
| 556 | |
| 455 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.