iamdieter

Fortigate Routing

Good day

We have a number of branches and in one country specifically we have X3 branches. Out of the 3, one branch acts as the head office for that specific country (Branch A). The other X2 branches have site-to-site IPSec tunnels to Branch A. In return Branch A has an IPSec tunnel to our Head Office. So from the other two offices we only allow traffic to and from Branch A and not the Head Office for a number of reasons. On both IPSec tunnels we have the internal DNS IPs specified.

We do have an internal portal which should be accessible from both the other two branches, which is hosted at the Head Office and accessible via URL. When you ping the URL it uses internal DNS and resolves to the internal IP.

How do we force the traffic for the portal to go via the internet and not the IPSec tunnel? At the moment we have an entry in the hosts files of the PCs, which is a workaround and not ideal. Any idea how we can have the traffic routed differently for the specific URL they need to access?
* Fortigate
* dns records
* VPN
* Policy Based Routing

Last Comment: iamdieter, 8/22/2022 - Mon

ASKER CERTIFIED SOLUTION
Soulja

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
iamdieter

ASKER
Thank you very much. I will give it a try and revert.