Solved

IPsec VPN, route all traffic through VPN tunnel

Posted on 2014-08-26
Last Modified: 2014-08-31
Hi

One of our branch offices has to use an IPsec VPN tunnel to get access to our main office.

We would like to route all traffic from the branch office through our Fortigate at the main office, including internet traffic.

Main Office: Fortigate 310B
Branch Office: Linksys RV042 v3

Set up route-based policies on the Fortigate which allow traffic both ways, and a third policy which allows traffic from the branch office to the internet with NAT.

Set up the IPsec VPN tunnel on the Linksys corresponding to the settings on the Fortigate.

VPN tunnel works, the branch office can connect to our internal resources, but internet traffic is not routed through the Fortigate.
Tried different settings on the Linksys but can't seem to be able to route internet traffic through the VPN tunnel.


Any suggestions on how to solve this?


Regards.
Question by:Lenblock

Expert Comment

by:nickoarg
ID: 40285384
The default gateway should point to the tunnel interface. Remember that on the hub site you need to add the NAT rule to the branch network segment.

Accepted Solution

by:Lenblock
ID: 40285433
Hi

Thanks, but figured it out.

If others are looking for the solution:

Update the RV042 with the latest firmware.
Earlier firmware has a bug (if you have hardware v3).

Configure the VPN tunnel, policies etc. as you would usually do and set the following:

Branch Office (Linksys)
Remote group setup: 0.0.0.0/0.0.0.0
Local Group: 175.22.105.0/24

Main Office (Fortigate)
Local Group (src addr.): 0.0.0.0/0.0.0.0
Remote Group (dst addr.): 175.22.105.0/24


No need for advanced routing etc. or other config on the Linksys.
Setting up the VPN tunnel like this will make it use the IPsec VPN tunnel for all traffic.

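The selector settings in the accepted solution, as an added example that is not part of the original post: a simplified Python model of how the branch router's local/remote group pair decides which packets enter the tunnel, and of the requirement that both peers configure mirrored pairs. The main office LAN `10.0.0.0/24`, the host addresses and the "LAN-only" starting configuration are constructed assumptions; only `175.22.105.0/24` and `0.0.0.0/0.0.0.0` come from the post.

```python
import ipaddress

def selector(local, remote):
    """A phase 2 selector: (local group, remote group) as networks."""
    return ipaddress.ip_network(local), ipaddress.ip_network(remote)

def mirrored(a, b):
    """Both peers must hold the same pair with local and remote swapped."""
    return a[0] == b[1] and a[1] == b[0]

def uses_tunnel(sel, src, dst):
    """True if a packet src -> dst matches the selector and is sent via IPsec."""
    local, remote = sel
    return ipaddress.ip_address(src) in local and ipaddress.ip_address(dst) in remote

# Values from the post: the branch LAN and the wildcard group.
BRANCH_LAN = "175.22.105.0/24"
ANY = "0.0.0.0/0.0.0.0"
# Constructed for illustration (assumptions, not from the post).
MAIN_LAN = "10.0.0.0/24"
BRANCH_HOST, MAIN_HOST, INTERNET_HOST = "175.22.105.10", "10.0.0.5", "198.51.100.7"

# Assumed starting point: the remote group names only the main office LAN.
branch_lan_only = selector(BRANCH_LAN, MAIN_LAN)
hub_lan_only = selector(MAIN_LAN, BRANCH_LAN)
# Settings from the post: the branch's remote group is the wildcard.
branch_wildcard = selector(BRANCH_LAN, ANY)
hub_wildcard = selector(ANY, BRANCH_LAN)

def report():
    """Per configuration: (name, mirrored, LAN via tunnel, internet via tunnel)."""
    rows = []
    for name, branch, hub in (("lan-only", branch_lan_only, hub_lan_only),
                              ("wildcard", branch_wildcard, hub_wildcard)):
        rows.append((name, mirrored(branch, hub),
                     uses_tunnel(branch, BRANCH_HOST, MAIN_HOST),
                     uses_tunnel(branch, BRANCH_HOST, INTERNET_HOST)))
    return rows

if __name__ == "__main__":
    for name, ok, lan, inet in report():
        print(f"{name}: mirrored={ok} main-office-via-tunnel={lan} "
              f"internet-via-tunnel={inet}")
```

Changing the group on only one peer leaves the pairs unmirrored (`mirrored(branch_wildcard, hub_lan_only)` is false), which is why the post lists the change for both devices.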
Author Closing Comment

by:Lenblock
ID: 40295257
Found the solution myself.

Some great posts about how to do this if you Google for:
"wildcard forwarding RV042"