Firewall and Site to Site VPN


#1

Hello,

I am trying to get a definitive answer on this.
We have 2 Peplink 210s, connected over a WAN with a Site2site VPN established.

Now, it was my understanding that we just need to open a couple of firewall ports for VPN traffic (TCP 32015, UDP 4500), however it seems that the firewall is blocking our VPN traffic.

E.g. we have applications that need specific TCP and UDP ports open, and they need to communicate across the VPN. Unless those ports are specifically opened in the Peplink firewall, traffic is blocked.

So, my question is this:
Is there any way to configure the Site2Site VPN so that VPN traffic bypasses the Firewall rules?

Thanks


#2

You can define an Outbound Firewall Policy which allows all of the local subnet to access all of the remote subnet at the VPN peer. You can further define the necessary ports/services if you need to fine-tune the firewall policy. The firewall policy will control both the VPN and normal traffic passing through the Peplink 210.