Hi, our internet Firewall is a Fortigate 100D. We were required to use 3rd party vpn softwares like express vpn, Astrill VPN, HMA VPN, etc. mainly because we need to access some China based websites which is much faster going thru vpn.
But the problem is every time we connect thru vpn, our public IP changes and this VPN public IP is not recognize by the China based website mainly because they had set a filter for security purposes. In order for us to solve this temporarily, besides connecting to the vpn, we added a "route add" in our Windows 7 computers. This is to ensure that when vpn is connected traffic going to the specific China based websites will not route thru vpn traffic, instead will just route to our local ISP traffic to be recognise by the China based website. Other than the China based websites, all other traffics route thru the VPN connection.
Is there a way to do this via Fortigate?
Thanks
Jeff
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Sorry, bad reply.
You can (I have done it) deployed software based VPN's like OpenVPN on the inside of the network and then use policy based routes to send the interesting traffic to the tunnel.
It is cumbersome and I much prefer just using the built in IPSec configuration of the Gate but you can definitely do it.
Mike Pruett
ok but where do I point the destination? the gateway IP of the vpn? It even brings my second problem that whenever they successfully connects to the vpn, any policy is being bypassed thus giving them access to all restricted sites like social, video stream, etc
Thanks
Jeff
This is for SSL VPN or Site to Site IPSEC etc?
For SSL VPN you will need to turn off split tunneling so all traffic is forced through the VPN. This enables you to truly control what the endpoint is able to access in the same manner as if they are on site.
Mike Pruett
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.