Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

SSL VPN Linux Client split-tunneling-routing-negate enable


I have a FortiGate 201E running on the Firmware version 6.4.4.

I have implemented in one SSL VPN Portal:

        set split-tunneling-routing-negate enable         set split-tunneling-routing-address "MS-Teams"

When I use a windows device FortiClient 6.4.0 the routing table is correct.

Default Route goes to the tunnel.

Networks from the group 'MS-Teams' goes to the local breakout.


When I use a Linux device FortiClient 6.4.2 the routing table is incorrect.

Only the networks from the group 'MS-Teams' are route in the tunnel.


Is there something special on the Linux FortiClient to run the negotiated routing table?

New Contributor

I haven't been able to get this to work with the linux client (7.0.x), but it does say at the bottom of the FAQ/KB that the feature is supported specifically:


For Windows machines, FortiClient v6.4.0 and later supports split-tunneling-routing-negate feature.


So I guess that means it is only supported in Windows?  I fixed this in our instance using groups to apply a different VPN portal to users that are using Linux.


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors