We are facing an issue when connecting to Forticlient on specific machines, whether they are outside the domain or within the domain.
The SSL tunnel has split tunneling enabled for 3 networks:
After connecting to the client, the addition of the 3 routes is correctly directed to the SSL VPN gateway. However, after a few seconds, another route is added for the 10.1.0.0/24 network, directing it to the client's home router gateway.
As a result, traffic is being sent to the local client's router instead of going through the firewall.
I conducted some tests and verified that the VPN configuration has the IP 10.1.0.2 as the DNS, and in the portal, it's set as DNS 0.0.0.0/0.
When I change the DNS Set in the portal specifically to a public DNS, the 3 default routes are inserted in the Windows route print, and I don't encounter route addition problems later on.
Upon changing the set dns-server1 from 8.8.8.8 to 10.1.0.2 in the portal, the issue of adding a route to the local client's router gateway resurfaces.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Tsug,
Can you share the route print and ipconfig /all details? from both scenarios, also the DNS configuration where you're changing it can you share the snapshot of the same?
Created on 08-18-2023 05:47 AM Edited on 08-22-2023 05:28 AM
-
Tsug,
I believe the output has been removed, Is it possible for you to attach the output again? route print and ipconfig /all with and without VPN with DNS 10.1.0.2 and without DNS 10.1.0.2
Looks like a Dell issue, fix here:
"To address this issue, uninstall Dell Optimizer or at least disable ExpressConnect:"
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Extra-route-in-Windows-routing-table-when/...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1692 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.