Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
ninadh22
New Contributor

Ubuntu 20 + Forticlient VPN 7.* Connects to VPN but drops other website access

Hi Team,

 

We are trying to connect to VPN using Forticlient latest version on Ubuntu 20. It connects to VPN but we are able to do google meet call as well as when pinged to 8.8.8.8 packets they are getting received but fails to send the packets. Which leads to blocking internet access. Please suggest any solution here.

 

 

Thanks,

 

1 REPLY 1
kcheng
Staff
Staff

Hi,

 

You may want to check the following:

1. Are you using SSLVPN or IPSec VPN?

2. If you are using SSLVPN, is split-tunnel enabled?

3. If you do not have split-tunnel enabled, please check if you have a policy that allows VPN range IP to access to WAN

4. If you do have split-tunnel enabled, you may want to check your local routing of Ubuntu machine. When split-tunnel is enabled, the route towards the Internet should use the local Internet of your hosts.

 

You can also check the debug flow when you are connected to the VPN by running the following command in FortiGate CLI:

diag deb flow filter saddr <source_IP_of_VPN>

diag deb flow filter daddr 8.8.8.8

diag deb flow filter proto 1

diag deb flow sh function-name ne

diag deb flow sh iprope en

diag deb flow trace start 20

diag deb en

 

Once the above is in place, from the Ubuntu machine, do a ping to 8.8.8.8, you should be able to see whether the packet is being processed or dropped by FortiGate.

 

 

Cheers,
Kayzie Cheng

If you have found a solution, please like and accept it to make it easily accessible for others.
Labels
Top Kudoed Authors