Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chr1zzo
New Contributor II

Created on ‎09-01-2023 12:49 AM Edited on ‎02-26-2024 07:08 AM By Community Manager

SSL VPN Split Tunneling Routing Address FQDN

Hello,

i am trying to route some ssl vpn traffic to a specific server over our firewall. the server i am trying to reach is a hyperforce infrastructure with frequently changing ip addresses. so it is no option to add a route for an ipv4 address. instead the option would be to add a FQDN instead of an ipv4 address. but it is not available to add an FQDN to the split tunneling tunnel mode routing address override.

Is there a option i can do this.

(perhaps a cronscript witch performs a lookup an adds the ipv4 addresses to an address group?)

thanks a lot

Labels:
3666
0 Kudos
1 Solution
hbac
Staff
Staff

Created on ‎09-01-2023 06:43 AM

Hi @chr1zzo

 

If you have split tunneling enabled based on policy destination, you don't need routing address override. You can specify the FQDN as a destination in the firewall policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-Access-to-Specific-FQDN-using-Split-Tunnel...

 

Please make sure the FortiGate is able to resolve the FQDN of your interface server. 

 

Regards, 

View solution in original post

3629
3 REPLIES 3
hbac
Staff
Staff

Created on ‎09-01-2023 06:43 AM

Hi @chr1zzo

 

If you have split tunneling enabled based on policy destination, you don't need routing address override. You can specify the FQDN as a destination in the firewall policy. Please refer to https://community.fortinet.com/t5/FortiGate/Technical-Tip-Access-to-Specific-FQDN-using-Split-Tunnel...

 

Please make sure the FortiGate is able to resolve the FQDN of your interface server. 

 

Regards, 

3630
mle2802
Staff
Staff

Created on ‎09-01-2023 07:36 AM

Hi @chr1zzo ,

You can do FQDN as destination for the SSL VPN policy as instruction from @hbac. Please make sure to have DNS server resolve the FQDN on both FGT and Client.

3622
0 Kudos
chr1zzo
New Contributor II

Created on ‎09-06-2023 05:43 AM

Hi @hbac @mle2802 

It works. Thanks a lot!

 

3568
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.