Routing all remote traffic through the VPN tunnel

Chapter 11 IPsec VPN for FortiOS 5.0 : Internet-browsing configuration : Routing all remote traffic through the VPN tunnel

To make use of the Internet browsing configuration on the VPN server, the VPN peer or client must route all traffic through the VPN tunnel. Usually, only the traffic destined for the private network behind the FortiGate VPN server is sent through the tunnel.

The remote end of the VPN can be a FortiGate unit that acts as a peer in a gateway-to-gateway configuration, or a FortiClient application that protects an individual client PC.

• To configure a remote peer FortiGate unit for Internet browsing via VPN, see “Configuring a FortiGate remote peer to support Internet browsing”.

• To configure a FortiClient Endpoint Security application for Internet browsing via VPN, see “Configuring a FortiClient application to support Internet browsing”.

These procedures assume that your VPN connection to the protected private network is working and that you have configured the FortiGate VPN server for Internet browsing as described in “Creating an Internet browsing security policy”.