• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 218
  • Last Modified:

Internet Access Over VPN

Scenario:


Internet browsing is blocked in one Branch office and users can only send and receive emails by using Microsoft outlook express. With the help of VPN they are accessing data residing on file server located at head office. Is there any way to access head office internet from branch office computer through VPN for a specific computer?.


Note:
There is no proxy server running at head office. internet is shared through sonic wall TZ210 Device.
0
jahangir303
Asked:
jahangir303
  • 5
  • 2
1 Solution
 
AnuroopsunddCommented:
you can route all the traffic for the one machine to your head office. so this machine traffic will be routed through the VPN to HQ and then to internet.
0
 
jahangir303Author Commented:
Please give me some idea how to route traffic?  if you need any details regarding my network i can provide easily, thanks


do we need to user route add command on that specific machine?.
0
 
AnuroopsunddCommented:
as your networks are connected already....and your branch office have local internet you must be routing all internet traffic locally.
if you want to route the traffic of one machine over the VPN. on the gateway router your you can setup route-map .. see below

http://www.cisco.com/en/US/docs/ios/12_0/qos/configuration/guide/qcpolicy.html
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
AnuroopsunddCommented:
So policy routing will allow you to route traffic on the base of source...
http://www.velocityreviews.com/forums/t31147-how-can-i-route-based-on-src-ip-address-mask.html
0
 
jahangir303Author Commented:
I am using sonicwall tz210 device, so please guide me acordingly
0
 
AnuroopsunddCommented:
Just check for source based routing  in sonicwall docs...
0
 
AnuroopsunddCommented:
This can be done, but your users need to either be on differing subnets, or static IPs.

This is handled at the Routing Policy level. Create an Address Group for the subnets (or static IPs) you want routed by X2 instead of X1. Then go to the Routing tab. Create a new Routing Policy that states that anything from that one Address Group will egress through the X2 interface/IP. Set the Interface to X2.

http://serverfault.com/questions/298241/howto-make-sonicwall-use-a-specific-wan-interface-based-on-ip
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now