IPSec VPN as outbound Policy


#1

Hello

I can’t see that this has been answered, unless someone can point me in the right direction of course.

I have a Balance 30 (6.3.1 build 3138) with an Active/Established IPsec VPN and I want to route, for example, all web traffic via the IPsec VPN. However regardless of the “Algorithm” I choose the Established IPsec VPN doesn’t show as an option to choose from. Am I missing something? Is there another way round this?

Any help would be appreciated.

Thanks in advance.

HarleyBoy


#2

You can route traffic by using Outbound Policy if you are using PepVPN/SpeedFusion tunnnel.

Are you referring to route HTTP/HTTPS to IPSec tunnel? If so, this is not possible. If you wish to route all traffic to IPSec tunnel, you may configure as below.



#3

That’s a real problem for us. Were planning to install 1 of these in each of the customers 30+ sites and each will point back to a 3rd party proxy server.

Is there anyway of excluding certain traffic if we have to route all subnets through the VPN?

Can this be added in a future release?

Thanks

HarleyBoy


#4

This can be achieved if HQ and remote sites are using PepVPN/SpeedFusion instead if IPSec tunnel. Please consider using PepVPN/SpeedFusion.


#5

Thanks but that’s not possible. As I have said, the “HQ” as you call it is a 3rd party we use as a proxy for web content filtering.


#6

Unfortunately, you can’t achieve what you need in IPSec tunnel. Below is the suggestion:-

Clients —> New Balance router/PBR router (WAN1) —HTTP, HTTPS—> Existing Balance router —IPSec—> Remote IPSec router
--------------------------------------------------(WAN2) —> Internet

Hope this help.