Fortigate Routing

Last Modified: 2019-03-14
Good day

We have a number of branches and in one country specifically we have X3 branches. Out of the 3, one branch acts as the head office for that specific country (Branch A). The other X2 branches have site-to-site IPSec tunnels to Branch A. In turn, Branch A has an IPSec tunnel to our Head Office. So from the other two offices we only allow traffic to and from Branch A and not the Head Office, for a number of reasons. On both IPSec tunnels we have the internal DNS IPs specified.

We do have an internal portal which should be accessible from both the other two branches, which is hosted at the Head Office and accessible via URL. When you ping the URL it uses internal DNS and resolves to the internal IP.

How do we force the traffic for the portal to go via the internet and not the IPSec tunnel? At the moment we have an entry in the hosts files of the PCs, which is a workaround and not ideal. Any idea how we can have the traffic routed differently for the specific URL they need to access?

Thank you very much. I will give it a try and revert.