4. Forcing all traffic over IPSec VPN and the ability to do further routing

Forcing all traffic over IPSec VPN and the ability to do further routing

  • S

    Hello All,

    Ii it possible to force all traffic over a sit-to-site IPSec tunnel and then route the traffic to another gateway through the tunnel end point device internal interface?

    all traffic-> branch device –>IPSec tunnel --> data center device --> internal interface -> other data center device

    Thanks,
    -S

    0
  • Rebel Alliance Developer Netgate

    You can't "route" it in the traditional way but depending on what you're trying to do, it may still be possible. It's all up to the Phase 2 networks in IPsec.

    You can force all traffic over the tunnel from the LAN (local P2 net = LAN network, remote P2 net = 0.0.0.0/0) but that means everything from the LAN will be forced over IPsec.

    Once it hits the other side you'll have to pass it in the rules, NAT it outbound, etc.

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy