Fortinet black logo

SWG with VPN Deployment Guide

Home FortiSASE SWG with VPN Deployment Guide

Modifying your SSL VPN gateway to enable split tunneling

Modifying your SSL VPN gateway to enable split tunneling

Modify your settings on your SSL VPN gateway so that only traffic to the corporate network is tunneled to the VPN gateway. The following example modifies the FortiOS SSL VPN settings.

To modify FortiOS SSL VPN settings to enable split tunneling:
  1. In FortiOS, go to VPN > SSL-VPN Portals.
  2. Edit the portal that your remote users use.
  3. Under Tunnel Mode > Split tunneling, select Enabled Based on Policy Destination.
  4. Click OK.
  5. Go to Policy & Objects.
  6. Disable the firewall policy that allows traffic from the SSL VPN tunnel interface to WAN.
  7. Edit the firewall policy that allows traffic from the SSL VPN tunnel interface to LAN.
  8. Select the address of the internal network that will be allowed. Only this network will be routable on the endpoint.

  9. Click OK.
Previous
Next

Modifying your SSL VPN gateway to enable split tunneling

Modify your settings on your SSL VPN gateway so that only traffic to the corporate network is tunneled to the VPN gateway. The following example modifies the FortiOS SSL VPN settings.

To modify FortiOS SSL VPN settings to enable split tunneling:
  1. In FortiOS, go to VPN > SSL-VPN Portals.
  2. Edit the portal that your remote users use.
  3. Under Tunnel Mode > Split tunneling, select Enabled Based on Policy Destination.
  4. Click OK.
  5. Go to Policy & Objects.
  6. Disable the firewall policy that allows traffic from the SSL VPN tunnel interface to WAN.
  7. Edit the firewall policy that allows traffic from the SSL VPN tunnel interface to LAN.
  8. Select the address of the internal network that will be allowed. Only this network will be routable on the endpoint.

  9. Click OK.
Previous
Next