Last week after upgrading Fortigate 60E from v6.2.2 to v6.4.0, I noticed having VPN-SSL split-tunnel issues 2 days after the upgrade.
I can remotely connect using SSL-VPN but the Internet doesn't work, only internal addresses (split tunnel is not working). Devices used:
MacOS Catalina version 10.15.5 running FortiClient 126.96.36.1991
iPhone iOS13.5 running FortiClient 6.0.5.0218.
However, using a Windows device with Forticlient 6.4 and trying with the same VPN user account, both internet and internal address work. It was working fine on all MacOS, iOS and Windows devices when I had Fortigate v6.2.2 installed.
From the Fortigate Log Details below I can see the Deny action. But I thought split tunnel prevents internet traffic access to the firewall in the first place.
Action: Deny:policy violation
Policy Type: Firewall
[SOLVED] AFTER upgrading FortiGate firmware to v6.4.1 (released June 5th, 2020). https://docs.fortinet.com/document/fortigate/6.4.1/fortios-release-notes/289806/resolved-issues
FortiClient SSL VPN split tunnel is not working from macOS Catalina.
post edited by tzals - 2020/06/07 07:57:17