Forcing all traffic over IPSec VPN and the ability to do further routing
Hello All,
Is it possible to force all traffic over a site-to-site IPSec tunnel and then route the traffic to another gateway through the tunnel end point device internal interface?
all traffic --> branch device --> IPSec tunnel --> data center device --> internal interface --> other data center device
Thanks,
-S -
You can't "route" it in the traditional way but depending on what you're trying to do, it may still be possible. It's all up to the Phase 2 networks in IPsec.
You can force all traffic over the tunnel from the LAN (local P2 net = LAN network, remote P2 net = 0.0.0.0/0) but that means everything from the LAN will be forced over IPsec.
Once it hits the other side you'll have to pass it in the rules, NAT it outbound, etc.
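The selector behaviour described in the reply above, as an added example that is not part of the original thread: a small Python model of how Phase 2 networks, rather than a routing table, decide what enters the tunnel, plus a check for local subnets that are not forced over it. All addresses, entry names and the first-match order are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple, Optional

ANY = ipaddress.ip_network("0.0.0.0/0")

class Phase2(NamedTuple):
    name: str                       # hypothetical label for the entry
    local: ipaddress.IPv4Network    # local P2 net
    remote: ipaddress.IPv4Network   # remote P2 net

def p2(name: str, local: str, remote: str) -> Phase2:
    return Phase2(name, ipaddress.ip_network(local), ipaddress.ip_network(remote))

def select(policies, src: str, dst: str) -> Optional[str]:
    """Name of the first Phase 2 entry covering src -> dst, or None.

    None means the packet never enters the tunnel and follows the
    normal routing table in the clear.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for p in policies:
        if s in p.local and d in p.remote:
            return p.name
    return None

def not_forced(policies, local_subnets):
    """Local subnets with no entry of the form (subnet, 0.0.0.0/0)."""
    missing = []
    for net in local_subnets:
        n = ipaddress.ip_network(net)
        if not any(n.subnet_of(p.local) and p.remote == ANY for p in policies):
            missing.append(net)
    return missing

# Constructed addressing: one branch LAN in the P2, one guest subnet left out.
BRANCH_LAN, BRANCH_GUEST = "192.168.10.0/24", "192.168.20.0/24"
BRANCH = [p2("branch-all", BRANCH_LAN, "0.0.0.0/0")]
# The data center side mirrors the selectors so replies are encrypted back.
DATACENTER = [p2("dc-all", "0.0.0.0/0", BRANCH_LAN)]

if __name__ == "__main__":
    print(select(BRANCH, "192.168.10.25", "198.51.100.7"))      # LAN -> internet
    print(select(BRANCH, "192.168.20.25", "198.51.100.7"))      # guest bypasses
    print(select(DATACENTER, "198.51.100.7", "192.168.10.25"))  # return path
    # 0.0.0.0/0 also covers the branch gateway's own LAN address:
    print(select(BRANCH, "192.168.10.25", "192.168.10.1"))
    print(not_forced(BRANCH, [BRANCH_LAN, BRANCH_GUEST]))
```

Running `not_forced` against every subnet behind the branch device shows which ones would still leave by the local default route instead of the tunnel.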