Last update: 02.02.2026
We are facing a spike in support requests regarding FortiClient VPN and want to share this information with you.
The Problem
When connecting to a FortiGate using IPSec VPN, the FortiClient injects routes into the client’s routing table. Unfortunately, some routes are not injected properly.
We’ve noticed, that the problem only shows up on systems where the FortiClient software has been updated. Not on new installations. So a problem on the FortiGate side can be ruled out.
Also, some test over smartphone hotspots were working fine while tests over cable bound connections failed on the same client.
We’ve seen the problem showing up with FortiClient VPN for Windows in versions 7.2.9, 7.4.2 and 7.4.3. At the moment, we suspect that this may be a problem influenced by windows updates also.
We see duplicate default routes on affected systems, when the tunnel in up:
# route print
[...]
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.13.37 192.168.11.67 15
0.0.0.0 0.0.0.0 10.0.0.2 10.0.0.1 25
[...]
If you have some more information, please let us know with a comment below.
The Solution
Fortinet has created its own knowledge base article. Please try this solution first. We welcome your feedback on this solution in the comments section: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-FortiClient-not-installing-split-tunnel/ta-p/419529
For the alternative solutions, follow these three simple steps:
- Uninstall the FortiClient from your computer.
- Reboot your computer.
- Install FortiClient again.
Problem solved.
If you have other thoughts, inputs or questions, please use the comment section below to share your knowledge.
Thanks for posting this blog.
We’re experiencing the same issue with 7.2.9 having upgraded from 7.2.5.
Following your article worked a treat.
I guess we’ll be testing 7.2.10 here shortly.
Hello Mr. K
Thank you very much for your very appreciated feedback and another confirmation that Version 7.2.9 also is affected!
To all audience: If someone has a case, I would be very interested to troubleshoot together. I have some registry keys under suspicion:
Try to delete these Registry Keys:[HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\FA_IKE]
"ShowNegotiationWnd"=dword:00000000
"VendorId"=""
"Alarm"=dword:00000000
"usewincert"=dword:00000001
"use_win_current_user_cert"=dword:00000001
"use_win_local_computer_cert"=dword:00000001
"NoDnsRegistration"=dword:00000001
"BlockIPV6"=dword:00000001
"usesmcardcert"=dword:00000001
"enableudpcsum"=dword:00000000
"disabledefaultroute"=dword:00000000
"show_auth_cert_only"=dword:00000000
"DisallowInvalidServerCert"=dword:00000000
"check_for_cert_private_key"=dword:00000000
"enhanced_key_usage_mandatory"=dword:00000000
"PreferIPSecvpnDns"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet\FortiClient\FA_VPN]
"on_os_start_connect"=""
"on_logon_connect"=""
"autoconnect_only_when_offnet"=dword:00000000
"autoconnect_on_install"=dword:00000000
"on_os_start_connect_has_priority"=dword:00000001
"KeepRunningMaxTries"=dword:00000000
"disable_internet_check"=dword:00000000
"suppress_vpn_notification"=dword:00000000
"allow_personal_vpns"=dword:00000001
"certs_require_keyspec"=dword:00000000
"disable_connect_disconnect"=dword:00000000
"secure_remote_access"=dword:00000000
"failover_delay_secs"=dword:00000000
"autoconnect_only_when_epc_state_determined"=dword:00000000
"power_resume_autoconnect_delay"=dword:00000005
"user_login_autoconnect_delay"=dword:00000000
"KeepRunningDelay"=dword:00000000
"before_logon_saml_auth"=dword:00000001
"after_logon_saml_auth"=dword:00000000
Thanks again and enjoy the nice summer!
Best regards from the
Boll Tech Team
Hello Boll Tech Team,
today very similar situation with MacOS and FortiClientVPN 7.4.3 macosx.
Solution was uninstall, reboot and install, too.
Sorry, not more details from the Mac user…..
Regards
hello, j’ai exactement ce problème. désinstaller, réinstaller mais cela ne fonctionne pas… une solution, idée ?. Merci. Yvan
Dear Yvan
Thank you for your comment in our Blog.
We suspect, that the problematic part lies in the configuration of FortiClient. So re-installing it and restoring the configuration would reproduce the issue again. Therefore we recommend to create a new configuration.
If this does not help, please try the FortiClient deinstallation utility (fcremove.exe) that can be found under support.fortinet.com / Downloads / Firmware Images / FortiClient / Windows / v7.00 / 7.4 / 7.4.3 / FortiClientTools_7.4.3.1790.zip.
Best regards from the
Boll Tech Team
Hello, I have been looking at the Fortinet support for 3 weeks, but here is their latest response, which I find unacceptable!
Dear Yvan,
Thank you for your comment on our blog.
Yes, we know this answer all too well from our own experience. However, I understand Fortinet’s mindset since the free FortiClient VPN is not supported, as mentioned on many occasions.
Fortunately, if you are a Boll reseller, you can contact our support department directly in the partner area of our website and open a ticket. We are paid a share of the product price, so we don’t officially support FortiClient VPN (since there is no share for us on a Free software). However, we’re less restrictive than Fortinet when it comes to FortiClient cases. However, if we determine that it’s a bug, we are also at the end of our capabilities, as we cannot open support requests for the free client either.
Best regards,
Boll Tech Team
FYI, fcremove.exe 7.4.3 doesn’t work, it doesn’t do anything. I uninstalled Forticlient, deleted all the entries in the registry, rebooted and reinstalled. It works. ;-). Thanks for the help. Yvan
Dear Yvan,
Thank you for your comment on our blog.
The fcremove tool takes about five minutes to open the first window, but it works in the background.
It has worked well in recent cases. However, since you were able to solve the issue by manually deleting the entries, that’s even better! I am glad you were able to solve the issue yourself.
Best regards,
Boll Tech Team
Hi Boll Tech,
Have you found the root cause and a fix to this issue? I am curious as we see this issue sporadically on our 7.4.3 VPN installations. We also found that cleaning and reinstalling solved the problem, but on some of the machines where we have done this, the problem reoccurs after some time.
Dear Jacob
No, unfortunately we have not found the root cause.
But we did not have any cases where the problem came back after solving it.
Best regards,
Boll Tech Team
Hi Boll Tech
FYI: With the Android Version 7.4.5 the split tunnel is also not working. Same IPsec VPN Config with windows Laptop FortiClient 7.4.4 Split tunnel works.
br
Silvan