keithmendez
asked on
Sonicwall TZ170/180 Access Rules Question
How do I write the access rules to force all http/https traffic thru a VPN tunnel on a TZ170 or TZ180?
We have remote locations that use TZ170/180's to connect to our Corporate office with a point to point VPN tunnel for data access. What I'd like to do is force them to also route thru the VPN tunnel for Internet traffic so that we can monitor where they go on the Internet with our Websense box. Currently I can deny LAN to WAN traffic for the Web but I can't turn around and enable a LAN to VPN rule for Web traffic because there is no VPN destination choice on the TZ 170/180 like there is on my Pro2040. Is there another way to accomplish this task?
We have remote locations that use TZ170/180's to connect to our Corporate office with a point to point VPN tunnel for data access. What I'd like to do is force them to also route thru the VPN tunnel for Internet traffic so that we can monitor where they go on the Internet with our Websense box. Currently I can deny LAN to WAN traffic for the Web but I can't turn around and enable a LAN to VPN rule for Web traffic because there is no VPN destination choice on the TZ 170/180 like there is on my Pro2040. Is there another way to accomplish this task?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If so, you can achieve what you want, I'm pretty sure, using Policy Route. Make the target gateway for teh rule the Internet gate way at the FAR END of the VPN.
I don't think you can do it with Standard OS.