Routing public ip address through site to site vpn and then out to internet



  • Hi, Apologies if this is posted in the wrong section.

    We have 2 SG2440 with a IPSEC site to site vpn.  We have a public website which allows logins from only the public ip address at site A we want to be able to access that website from site B, but routing through the vpn and then out as if coming from ip address of site A.

    We have done this for remote access users but specifying the websites ip address in the IPv4 local networks in the tunnel setting for openvpn.

    Any help greatly appreciated.

    Thanks
    Chris


  • LAYER 8 Netgate

    You should be able to do that by creating a phase 2 ESP tunnel with the local LAN and the web site IP address as the two sides.

    You will need to be sure outbound NAT is in place for the source network side on the interface(s) used to access the internet.



  • @Derelict:

    You should be able to do that by creating a phase 2 ESP tunnel with the local LAN and the web site IP address as the two sides.

    You will need to be sure outbound NAT is in place for the source network side on the interface(s) used to access the internet.

    Thanks I'll give it a go.

    Cheers
    Chris



  • @Derelict:

    You should be able to do that by creating a phase 2 ESP tunnel with the local LAN and the web site IP address as the two sides.

    You will need to be sure outbound NAT is in place for the source network side on the interface(s) used to access the internet.

    I've created a 2nd phase 2 entry at the remote site (B) same as the remote subnet but instead specifying the remote public ip address of the website/32 applied and dropped the vpn.  Tunnel comes up but does not route traffic as webpage should display a login, but instead shows page is not available.
    Do I need to do anything at the remote site (A)
    any ideas?


  • LAYER 8 Netgate

    Well, you need the reciprocal phase 2 entry.


Log in to reply