Newbie Fortinet IPSec VPN Question
Posted on 2008-10-20
I am attempting to assist in setting up our Fortinet VPN solution at my company. I seem to have everything working so far (test machine can connect through the VPN tunnel over IPSec and access resources on our internal network) except that I cannot connect to the Internet after making the connection. We are using the FortiClient software on the end user's machine.
What I want to do is to route all normal HTTP/FTP/etc. traffic through the end user's home connection and only encrypt the data packets that are accessing internal resources. Is this what the concentrator is for, and if so, how do I set it up? I have been looking on Fortinet's support site, but their documentation is a little outdated and their helpdesk is a little on the slow side.
I have run Wireshark on the test machine and monitored the virtual network adapter. The results I get when I attempt to go to an external website are that the DNS query and response work, then the ICMP packet gets dropped along the way, causing the connection to fail. However, with the way it is now, it is still going through the IPSec connection and then to our LAN and then back through our DNS server. I would rather not have all that additional traffic if at all possible and just dump that traffic to the end user's physical connection and not the virtual one.
Does this make any sense? I suppose it does not help that I am new to VPN setup and Fortinet software.
Any help would be greatly appreciated.