The IPsec wizard automatically creates a security policy allowing IPsec VPN users to access the internal network. However, since split tunneling is disabled, you must create another policy to allow users to access the Internet through the FortiGate.
- Go to Policy & Objects > IPv4 Policy and select Create New.
Enter a policy Name (in this example, IPsec-VPN-Internet).
Set Incoming Interface to the tunnel interface.
Set Outgoing Interface to wan1.
Set Source to the IPsec client address range.
Set Destination to all.
Set Service to ALL.