Adding Route in Windows After Connection via FortiClient to Portal with Enabled Split
We are facing an issue when connecting to FortiClient on specific machines, whether they are outside the domain or within the domain.
The SSL tunnel has split tunneling enabled for 3 networks:
After connecting to the client, the addition of the 3 routes is correctly directed to the SSL VPN gateway. However, after a few seconds, another route is added for the 10.1.0.0/24 network, directing it to the client's home router gateway.
As a result, traffic is being sent to the local client's router instead of going through the firewall.
I conducted some tests and verified that the VPN configuration has the IP 10.1.0.2 as the DNS, and in the portal, it's set as DNS 0.0.0.0/0.
When I change the DNS Set in the portal specifically to a public DNS, the 3 default routes are inserted in the Windows route print, and I don't encounter route addition problems later on.
Upon changing the set dns-server1 from 22.214.171.124 to 10.1.0.2 in the portal, the issue of adding a route to the local client's router gateway resurfaces.
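One way to capture the moment the extra 10.1.0.0/24 route appears, and to see which next hop Windows actually prefers for the DNS server, is the PowerShell watcher below. It is an added example, not part of the original post; the adapter description pattern and the watch duration are assumptions to adjust locally.

```powershell
# Added example: run right after the VPN connects. It reports every route for
# the split-tunnel prefix as it shows up and marks whether it uses the VPN adapter.
$Prefix     = '10.1.0.0/24'   # prefix named in the post
$DnsServer  = '10.1.0.2'      # DNS server named in the post, inside $Prefix
$VpnPattern = '*Fortinet*'    # ASSUMPTION: matches the VPN adapter description
$Seconds    = 120             # ASSUMPTION: how long to watch
$seen       = @{}

# Find the connected VPN adapter so its routes can be told apart from the LAN's.
$vpn = Get-NetAdapter -IncludeHidden |
    Where-Object { $_.InterfaceDescription -like $VpnPattern -and $_.Status -eq 'Up' }
if (-not $vpn) { throw "No connected adapter matches '$VpnPattern'." }
$vpnIndex = @($vpn.ifIndex)

$deadline = (Get-Date).AddSeconds($Seconds)
while ((Get-Date) -lt $deadline) {
    $routes = Get-NetRoute -AddressFamily IPv4 -DestinationPrefix $Prefix `
                           -ErrorAction SilentlyContinue
    foreach ($r in $routes) {
        # Report each (interface, next hop) pair once, with the time it was first seen.
        $key = "$($r.ifIndex)|$($r.NextHop)"
        if ($seen.ContainsKey($key)) { continue }
        $seen[$key] = $true
        $ifMetric = (Get-NetIPInterface -InterfaceIndex $r.ifIndex `
                                        -AddressFamily IPv4).InterfaceMetric
        [pscustomobject]@{
            Time      = Get-Date -Format 'HH:mm:ss'
            NextHop   = $r.NextHop
            Interface = $r.InterfaceAlias
            Metric    = $r.RouteMetric + $ifMetric  # Windows compares this sum
            ViaVpn    = $vpnIndex -contains $r.ifIndex
        }
    }
    Start-Sleep -Seconds 2
}

# The route Windows selects right now for traffic to the DNS server.
Find-NetRoute -RemoteIPAddress $DnsServer |
    Where-Object { $_.DestinationPrefix } |
    Select-Object DestinationPrefix, NextHop, InterfaceAlias, RouteMetric
```

A row with ViaVpn set to False and a lower Metric than the VPN row corresponds to the behaviour described above; its Time value shows how long after connecting the route was added.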