Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 8892 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Route specific internet traffic through outgoing VPN tunnel

KentCalero

I have done this before with Mikrotik, but I wonder if it's possible to do this with Sophos

1. create an outgoing VPN tunnel, openVPN preferred
2. route specific traffic via said tunnel. In this case, I want to masquerade all port 80 traffic via the openVPN tunnel



This thread was automatically locked due to age.
Parents
  • 0

    The UTM's SSL VPN implementation in WebAdmin does not allow this, Kent.  You can do it with RED or an IPsec tunnel.

    What are you trying to accomplish that led you to suggest this solution?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    The applications are pretty wide, security is a big one. Instead of sending traffic through a local ISP, send it through the corporate network, think of it as "VPN on Demand" for everyone else.

    Another case use could be routing HTTP traffic (or any traffic you choose) through an anonymizing VPN connection.

    I know you mentioned IPsec, could we do it through a PPTP?

Reply
  • 0 in reply to BAlfson

    The applications are pretty wide, security is a big one. Instead of sending traffic through a local ISP, send it through the corporate network, think of it as "VPN on Demand" for everyone else.

    Another case use could be routing HTTP traffic (or any traffic you choose) through an anonymizing VPN connection.

    I know you mentioned IPsec, could we do it through a PPTP?

Children
  • 0 in reply to KentCalero

    I had read your initial post as wanting to do a site to site VPN and then selecting certain outbound traffic to go over the VPN instead of directly out to the Internet.

    With the SSL Remote Access method, you determine which traffic passes through the VPN by selecting the subnets In the SSL VPN Profile.   If you want all browsing from off-site to go through the VPN, just add the Internet object to the Profile.  Don't forget to add "VPN Pool (SSL)" to Allowed Networks in Web Filtering.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML