
Site to Site VPN does not work when a specific machine is routed via Policy Routing

Hi, 

First and foremost I would like to apologise as English is not my first language.

I am using XG125, with firmware 17.1.3

Let me start with the layout of our company's network.

There are 3 sites (A), (B) and (C) which are connected to each other via Site to Site VPN. 

At Site (A), there are 2 WAN connections, where WAN (i) will always be active unless there are any specific needs, in which case traffic is routed to WAN (ii).

Right now, using Policy Route, this works (Source: Any, Destination: IPs that will trigger WAN (ii), Services: Any, GW: WAN(ii)). All the PCs in the network are able to use the internet via WAN(i), access specific things on WAN(ii), and communicate with PCs and machines that are located at (B) and (C).

The problem arises when there is a specific case where a machine at (A) needs to solely use WAN(ii). Routing with (Source: IP of the machine, Destination: Any, Services: Any, GW: WAN(ii)). Now the machine solely uses WAN(ii) as intended, but it also leads to the side effect of being unable to use the VPN, and it can't communicate with any machines at (B) and (C). I presume this is due to "Destination: Any" in the routing rule, which leads it to bypass the VPN rule. The funny thing is, in my old firewall when I did a similar routing, the VPN still worked due to an option that was available in that firewall (VPN rule gets priority).

My question is: is there any way for me to get the routed machine to still be routed, but also be able to access the VPN and see sites (B) and (C) as well?

Thank you
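The effect described in the post, as an added example that is not part of the original post and not Sophos XG's own code: a small first-match model of policy routing in which policy routes are consulted before the site-to-site VPN routes (this ordering, the site subnets, the machine address and the "special destination" range are all constructed assumptions). It shows why a "Source: machine, Destination: Any" policy route swallows traffic bound for sites (B) and (C), and how a more specific route for the remote subnets placed ahead of the catch-all keeps that traffic on the VPN, together with a check that lists which remote subnets a given host would no longer reach over the VPN.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List

ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class PolicyRoute:
    name: str
    source: IPv4Network
    destination: IPv4Network
    gateway: str  # "WAN(i)", "WAN(ii)" or "VPN"


# Constructed addressing; none of these values come from the post.
SITE_A_LAN = ip_network("10.1.0.0/24")
SITE_B_LAN = ip_network("10.2.0.0/24")
SITE_C_LAN = ip_network("10.3.0.0/24")
MACHINE = ip_network("10.1.0.50/32")        # the host that must use WAN(ii)
SPECIAL_DST = ip_network("203.0.113.0/24")  # destinations that trigger WAN(ii)
REMOTE_SITES = [SITE_B_LAN, SITE_C_LAN]

# Assumption of the model: the site-to-site tunnels act like routes that are
# only consulted after every policy route has failed to match.
VPN_ROUTES = [PolicyRoute(f"vpn-to-{net}", ANY, net, "VPN") for net in REMOTE_SITES]

# The two policy routes as the post describes them, in that order.
ROUTES_AS_DESCRIBED = [
    PolicyRoute("special-destinations-via-WAN2", ANY, SPECIAL_DST, "WAN(ii)"),
    PolicyRoute("machine-everything-via-WAN2", MACHINE, ANY, "WAN(ii)"),
]

# Same routes, preceded by explicit exemptions for the remote site subnets,
# so the catch-all for the machine no longer wins for (B) and (C).
ROUTES_WITH_VPN_EXEMPTION = [
    PolicyRoute(f"keep-{net}-on-vpn", ANY, net, "VPN") for net in REMOTE_SITES
] + ROUTES_AS_DESCRIBED


def select_gateway(policy_routes: List[PolicyRoute], src: str, dst: str,
                   default_gateway: str = "WAN(i)") -> str:
    """First matching policy route wins; then VPN routes; then the default WAN."""
    s, d = ip_address(src), ip_address(dst)
    for route in list(policy_routes) + VPN_ROUTES:
        if s in route.source and d in route.destination:
            return route.gateway
    return default_gateway


def unreachable_over_vpn(policy_routes: List[PolicyRoute], src: str) -> List[str]:
    """Remote subnets whose traffic from src would leave via something other than the VPN."""
    lost = []
    for net in REMOTE_SITES:
        probe = str(net[1])  # first usable host address in the subnet
        if select_gateway(policy_routes, src, probe) != "VPN":
            lost.append(str(net))
    return lost


if __name__ == "__main__":
    for label, routes in (("as described", ROUTES_AS_DESCRIBED),
                          ("with VPN exemption", ROUTES_WITH_VPN_EXEMPTION)):
        print(f"{label}: machine -> site B goes via "
              f"{select_gateway(routes, '10.1.0.50', '10.2.0.10')}; "
              f"remote subnets lost: {unreachable_over_vpn(routes, '10.1.0.50')}")
```

Running the block prints the gateway chosen for the machine's traffic to site (B) under both rule sets and the list of remote subnets it can no longer reach over the VPN. The exemption rules only work because they are listed before the catch-all; appended after it they would never be reached in a first-match scheme.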
