4. Routing Site-to-Site IPSec VPN traffic out OpenVPN connection

Routing Site-to-Site IPSec VPN traffic out OpenVPN connection

  • F

    We currently use SG-2220's to connect to OpenVPN tunnels in different regions for testing our website in those locations.
    We want a remote site to connect via IPSec and send all internet bound traffic thru the OpenVPN tunnel.

    I found this guide: Routing Internet traffic thru a site-to-site ipsec vpn
    Can I just change those NAT rules at the end to use the OpenVPN interface instead of WAN? Will that work?
    Seems like a route statement will need to be configured somewhere...

    0
  • LAYER 8 Netgate

    Depends on how the OpenVPN is set up.

    If you are allowing the VPN to pull a default route, all you should need is outbound NAT

    If you are not allowing the OpenVPN to pull a default route, you will need to policy route the IPsec traffic using rules on the IPsec tab to the OpenVPN gateway and enable Outbound NAT.

    0
  • F

    Excellent, "Don't pull routes" is NOT checked, so I think we'll be good to go.

    Thank you!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy