We are using Forticlient 7.2.1 on Windows 10 22H2 with EMS cloud and assigning IPSEC VPN profiles to our endpoints. These profiles have split-tunnelling configured based on the EMS application definitions i.e. MS teams. What we are finding is that on many clients split-tunnelling is not occurring but on others it is even though they are assigned the same profile. Upon investigation we see that on the systems that are working they have explicit routes for the cloud services added to the Windows client (as viewed via the route print command on windows) but the endpoints that are not working do not.
Q: How can I determine what is causing this? Is there a tool I can use client side to see why these routes are not propagating (dump the config or the like)?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.