Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JohnAgora
Contributor

IPSEC Site to Site and PBRs

Hello,

 

I need to send specific traffic (PBRs) through a VPN (IPSEC, site-to-site).

The traffic is intended for a subnet (/24) so the IP of the device/server is not an option.

What should the gateway be? 0.0.0.0? 

 

Thanks

4 REPLIES 4
JohnAgora
Contributor

Anyone have an idea?

boneyard
Valued Contributor

usually when routing traffic into a VPN tunnel i don't use a gateway IP. so 0.0.0.0 indeed.

 

did you use an interface based VPN?

JohnAgora

Yes, I'm using an interface based VPN.

Ok, thanks.

Later I'll setup a lab and post here my results

JohnAgora

Hello,

 

After some testing, I've conclude that for the PBR to work the gateway must be the external IP of the VPN (public IP).

 

Cheers!

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors