Double VPN configuration on M1/M2 Macs


We have an issue with running WARP alongside either FortiClient VPN and EMS.
The issue appears only on Mac M1 and M2 devices.
What happens:
With Forti Client VPN installed alongside WARP, the internet connectivity(after establishing a connection with Forti and WARP) is lost until FortiClient gets uninstalled and the device gets rebooted.
With Forti EMS(tested on versions 7.0.6 & 7.2.0), whenever WARP gets turned on, the internet connectivity is lost. Uninstalling FortiClient helps.

My understanding is that due to the lack of certain instructions on ARM architecture, Apple limited the amount of non-system processes that can use the networking module. Since we are using IPsec connections, FortiTray reserves the networking module, that WARP cannot later use.


You can try the following steps:

-Check for software updates: Make sure both FortiClient VPN, EMS, and WARP are updated to their latest versions. There might be compatibility fixes released in newer versions that can address the issue you are experiencing.
-Change the order of establishing connections: If you have not tried this already, try connecting to FortiClient VPN or EMS first and then enable WARP. Alternatively, try enabling WARP first and then connect to FortiClient VPN or EMS. This might help to avoid conflicts in network module usage.
-Modify network settings: If both applications are using the same network interfaces, try changing the network settings for either FortiClient or WARP, so that they use different interfaces or ports. This can help to avoid conflicts in network module usage.

Also this article might help you solving your issue:

Hope it helped!

Hi, we found a solution with the help of Forti folks. ZTNA for those devices needs to be turned off in EMS and everything works.

Amazing, glad you could make it work :smiley: