Split Tunneling for Wireless Traffic
Split tunneling can now be used for wireless traffic, allowing you to optimize WiFi traffic flow by directing only corporate traffic back to the FortiGate unit's wireless controller, while local application traffic remains local. With split tunneling, a remote user associates with a single SSID, can get access to corporate resources (for example, a mail server) and local resources (for example, a local printer).
| Split tunneling should be only used for SSIDs in tunnel mode. |
Syntax
1. Enabling split tunnelling for an SSID.
config wireless-controller vap
edit <name>
set split-tunneling enable
end
end
2. Setting the IP lists for split tunneling
config w-c {wtp-profile | wtp}
set split-tunneling-acl-local-ap-subnet enable
config split-tunneling-acl
edit <ID>
set id <ID>
set dest-ip <IP_address>
end
end
end