My active routes is not properly updating when using IPSec VPN, what diagnostics am I missing

Hello,

For two devices with the same configuration but different routing table behaviors, the following are the key directions for investigation and solutions:

Check the priority of the Split Tunneling rules in FortiClient: Some VPN clients may override local routing rules through configuration files or management consoles. Even if the configurations appear the same, the actual effective policies may differ due to permissions or configuration loading order.

Check the VPN connection logs (the FortiClient log path is usually C:\ProgramData\Fortinet\FortiClient\Logs), focusing on warnings or errors related to failed route injection.

Check the group policy entries that may affect routing:

Run gpedit.msc, and expand Computer Configuration → Administrative Templates → Network → Network Connections.

Confirm that policies such as "Prohibit the use of route-based VPN" or "Force all traffic through VPN" are not enabled.

Temporarily disable the firewall/antivirus software (such as Windows Defender Real-time Protection, third-party firewalls), and test if the routing table returns to normal.

Reset the underlying network stack of the system: Perform a comprehensive network stack reset (requires administrator privileges).

Force delete conflicting routes and observe if the VPN client re-injects the correct routes (note: a VPN connection restart may be required).

I hope the information above is helpful.

Best regards

Zunhui

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.