I'm struggling with a routing issue. We have an IPSEC tunnel over GRE to partner Cisco routers. For that we needed to create an overlapping IP address interface for IPSEC. Now I have a /29 for the main WAN connection and a /32 for the IPSEC interface. In general everything works fine, but if we need to access the WAN interface IP from the internal network (over routing), then the /32 connected interface is the best match. In our case it is the IPSEC VPN. But that will not work for SSL clients.
So from the internal network we cannot use the same profile as we would use over the internet for SSL VPN. It is a bit confusing for end users, as some of the resources are accessible only over SSL VPN.
Is there a trick to allow traffic from internal networks to the WAN interface if there is a better route available (/32 rules over /29 connected interface)?