I am in the middle of helping a client absorb one of their clients. This involves moving all of the client’s client’s (redundant I know) IPSec tunnels into my clients FortiGate. This is all fine and dandy. I do IPSec tunnels all the time. Unfortunately for me though, my client’s client utilizes policy based VPN’s which work fine I suppose but jesus they are annoying. Yes, I know they do things just fine. Yes, I know they have their place. I may just be an old dog set in my ways but to me…..Route based IPSec tunnels is bae, Route based IPSec tunnels is life.