Hot!SSL VPN Linux Client split-tunneling-routing-negate enable

Author
ChristianK
New Member
  • Total Posts : 5
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/01/27 23:04:44
  • Status: offline
2021/01/27 23:10:47 (permalink)
0

SSL VPN Linux Client split-tunneling-routing-negate enable

Hello,
I have a FortiGate 201E running on the Firmware version 6.4.4.
I have implemented in one SSL VPN Portal:
        set split-tunneling-routing-negate enable
        set split-tunneling-routing-address "MS-Teams"

When I use a windows device FortiClient 6.4.0 the routing table is correct.
Default Route goes to the tunnel.
Networks from the group 'MS-Teams' goes to the local breakout.
 
When I use a Linux device FortiClient 6.4.2 the routing table is incorrect.
Only the networks from the group 'MS-Teams' are route in the tunnel.
 
Is there something special on the Linux FortiClient to run the negotiated routing table?
#1

1 Reply Related Threads

    RaulC
    New Member
    • Total Posts : 1
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/09/27 09:26:33
    • Status: offline
    Re: SSL VPN Linux Client split-tunneling-routing-negate enable 2021/09/27 09:34:43 (permalink)
    0
    I haven't been able to get this to work with the linux client (7.0.x), but it does say at the bottom of the FAQ/KB that the feature is supported specifically:
     
    For Windows machines, FortiClient v6.4.0 and later supports split-tunneling-routing-negate feature.
     
    https://kb.fortinet.com/kb/documentLink.do?externalID=FD49267
     
    So I guess that means it is only supported in Windows?  I fixed this in our instance using groups to apply a different VPN portal to users that are using Linux.
    #2
    Jump to:
    © 2021 APG vNext Commercial Version 5.5