This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How route all internet traffic via S2S IP-SEC vpn from Branch (Sophos-CR25ing) to HQ (Palo Alto)

Hi,

I am running IP-sec s2s vpn between branch(Sophos- CR25ING, XG v17.5 ) to HQ (Palo Alto-5220), vpn established and working fine.

for better security and filter, we need all traffic should be routed through HQ, how can we achieve this?

I have not found any proper doc

anybody has solution?

Thanks in advance



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    If you require all the branch office traffic to use the HQ firewall as a gateway, you can add "Any" in the remote local network. You would also have to make some changes to the HQ firewall; you probably need to configure the firewall rule to allow all the BO traffic. On the BO, ensure that LAN to VPN rule is on top. 

    Thanks,

  • Hi,

    we have local subnet-any in vpn>ipsec connections setting and now as u suggested will make remote subnet add any, is it right?

    sure we will create a reverse route at HQ FW. any precaution to avoid any remote access fails while working

    thanks

Reply Children
No Data