Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Pablo_Mosca
New Contributor

Created on ‎07-20-2006 08:54 AM

Route all traffic through VPN

I have 2 offices. Main office has a Fortigate100A, Remote office has Fortigate60. I have my Websense URL filtering server located in my main office and would like to route all traffic in that remote office to go through my main office. Like a WAN. If all traffic is not possible to route to the main office, would anyone have any idea how to route HTTP traffic to go to my Websense server. I tried putting a rule in the remote office firewall to route HTTP, but that didn' t seem to work. I do not use the URL Content filtering on either firewall since I use Websense. Any help?? pmosca@trinitystairs.com
Pablo
Pablo
2172
0 Kudos
6 REPLIES 6
Not applicable

Created on ‎07-20-2006 04:21 PM

You could setup a proxy or a dns server that points all webtraffic throuh the tunnel. or if there aren' t a lot of computers you could just setup a static route in each of the computers -DCG
1365
0 Kudos
Pablo_Mosca
New Contributor
In response to

Created on ‎07-21-2006 08:51 PM

I' m not sure how I' d do the DNS setting nor the route on each PC. Can you explain?
Pablo
Pablo
1365
0 Kudos
wcbenyip
New Contributor III
In response to Pablo_Mosca

Created on ‎07-23-2006 08:22 PM

Pablo, Indeed the points are: 1/ When you stand on the remote FG60, you set a vpn policy to redirect ANY traffic (i.e. 0.0.0.0/0.0.0.0, ANY services) to your HQ office (FG100A). 2/ When you stand back to your HQ (FG100A), set a vpn policy to build up vpn tunnel with remote office as normal like 10.0.0.0/24 3/ On your 100A, set an ADDITIONAL wan1 to wan1 policy, to allow the subnet of remote office to access (eg. 10.0.0.0/24) to access the Internet (0.0.0.0/0.0.0.0) Please try and report~ Thx~
Protect yourself~ http://www.secunia.com MBCS CEH FCNSA
Protect yourself~ http://www.secunia.com MBCS CEH FCNSA
1365
0 Kudos
wcbenyip
New Contributor III

Created on ‎07-20-2006 10:00 PM

I am not sure whether it could help... but it' s no harm to try... Firstly, it' s assumed that you have build up a vpn tunnel between these two offices, beside the standard ipsec vpn setting, some points to note: Setting on remote site' s FG - make sure the destination address in the vpn policy rule is set as ' 0.0.0.0/0.0.0.0' Setting on your local FG - set a fw policy to allow the remote office subnet to access the Internet Please share your result if tested~ Or maybe something I have missed...
Protect yourself~ http://www.secunia.com MBCS CEH FCNSA
Protect yourself~ http://www.secunia.com MBCS CEH FCNSA
1365
0 Kudos
Pablo_Mosca
New Contributor
In response to wcbenyip

Created on ‎07-21-2006 08:49 PM

oops, yes I do have a IPSPEC VPN between the 2 offices. I have the first setting you mentioned already on. But I am not sure what you mean on the second setting. They currently access the internet through their gateway, but I want to route it to through the VPN and to my Websense server.
Pablo
Pablo
1367
0 Kudos
Not applicable
In response to Pablo_Mosca

Created on ‎07-23-2006 07:54 PM

Dear Pablo, You success to completed your tasks? I want to hear your good news and share your experience.
1367
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.