Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
alexpendello
New Contributor

Created on ‎09-18-2024 01:57 PM

Split Tunnel issues : user cannot access a portion of subnet which should be accessible

Hello,

 

I have an odd problem.  A user (and SSLVPN users generally) were able to access a network segment which they are no longer able to while using a split tunnel.  All of a sudden, traffic appears to be timing out when trying to access certain addresses on a portion of the exported subnet that should be accessible.

fortigate1.pngfortigate2.pngfortigate3.pngfortigate4.pngfortigate5.pngfortigate6.pngfortigate7.png

 

Shown above in the 1st 4 are the configuration on the fortigate for the SSLVPN.  shown below in the last 3 are the route table on the user's device, as well as the output of their ipconfig /all showing both their Forticlient virtual adapter, and their physical wifi adapter.

the user can ping 10.55.4.* addresses, but not 10.55.5.* addresses

 

Thank you,

Matt

Labels:
203
0 Kudos
1 REPLY 1
AEK
SuperUser
SuperUser

Created on ‎09-18-2024 03:07 PM

Hello Matt

Try enable all logs in the related policy and in implicit deny as well and see if the traffic toward 10.55.5.* is being blocked.

You may also check with sniffer command while trying to access 10.55.5.*:

diag sniffer packet any "host <IP>" 4

AEK
AEK
188
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.