This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Route some internet traffic through VPN

Hi,

we have branch which is connected via site to site vpn. They have their own internet access. My question is there anyway i can route the internet on some pc through VPN site to site and not to their firewall?

Thanks,

Nidz



This thread was automatically locked due to age.
Parents
  • Hey ,

    Thank you for reaching out to the community, For Site-to-Site VPN ensure the HO has network mentioned as "ANY" under the gateway settings.

    If you are talking about IPsec remote access, then under the advance settings > ensure "Use as default gateway" is enabled !
    If you are talking about SSL VPN, then under the tunnel access > ensure "Use as default gateway" is enabled !

    And for all this common fw rules should be present under 
    Rules and policies > "VPN to WAN" with Linked NAT > Translated source (SNAT) > MASQ should be selected !

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Reply
  • Hey ,

    Thank you for reaching out to the community, For Site-to-Site VPN ensure the HO has network mentioned as "ANY" under the gateway settings.

    If you are talking about IPsec remote access, then under the advance settings > ensure "Use as default gateway" is enabled !
    If you are talking about SSL VPN, then under the tunnel access > ensure "Use as default gateway" is enabled !

    And for all this common fw rules should be present under 
    Rules and policies > "VPN to WAN" with Linked NAT > Translated source (SNAT) > MASQ should be selected !

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

Children
  • Hi Vivek,

    Thanks for the support. This is site to site VPN from our branch to HO. I need only 1 specific host from the branch to go to internet using HO Internet not the branch Internet.

    For Site-to-Site VPN ensure the HO has network mentioned as "ANY" under the gateway settings. -- > is this located under Configure - Routing -Gateways?

    Thanks,

    nidz

  • Hello

    For IPsec Site-to-Site you may refer the screenshot below:
    If you want the the BO user to get the internet from HO then on the HO gateway settings local should be "Any"

    And then create a FW rule for that client machine or a single user i.e. VPN to WAN to provide/control the internet. 
    ==========================================
    For Remote access SSL the option "use as default gateway" should be enabled:
    And then create a FW rule for that client machine or a single user i.e. VPN to WAN to provide/control the internet. 

    ==============================================
    For Remote access IPsec  the option "use as default gateway" should be enabled:
    And then create a FW rule for that client machine or a single user i.e. VPN to WAN to provide/control the internet. 

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Global Support & Services 

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case


    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Hi Vivek,

    Thanks for this instruction and screenshot. I will try this later today.

    Thanks and Regards,

    Nidz