How to Route Site2Site VPN Offices through Central WebSecurity

Hi there
Can someone help me configure the remote offices connected through Site2Site VPN so that they surf through the central Astaro and the HTTP scan?

thx
steve


  • I haven't had an opportunity to try this, but I've thought about it and discussed it several times, so I'll be curious to read your final answer.

    Normally, the VPN from Site A to a Central Site would look like:

    Site A: 192.168.11.0/24

    Remote Gateway: [Public IP of Central Site]
    Remote Networks: 192.168.1.0/24
    Local Networks: 192.168.11.0/24


    Central Site: 192.168.1.0/24

    Remote Gateway: [Public IP Site A]
    Remote Networks: 192.168.11.0/24
    Local Networks: 192.168.1.0/24


    If the goal is to route ALL traffic through the Central Site, this changes to:

    Site A: 192.168.11.0/24

    Remote Gateway: [Public IP of Central Site]
    Remote Networks: 0.0.0.0/0
    Local Networks: 192.168.11.0/24


    Central Site: 192.168.1.0/24

    Remote Gateway: [Public IP Site A]
    Remote Networks: 192.168.11.0/24
    Local Networks: 0.0.0.0/0


    If you only want to send web surf requests, then you probably would want the first configuration with a policy route.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
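
An added example, not part of the reply above and not Astaro/Sophos tooling: it models the two tunnel definitions from the reply as local/remote network pairs, checks that each side's selectors mirror the peer's, and shows which flows from a Site A client actually enter the tunnel. The client and internet addresses are constructed sample values, and all function names are hypothetical.

```python
import ipaddress

def net(cidr):
    return ipaddress.ip_network(cidr)

# Tunnel definitions as given in the reply: per side, local and remote networks.
SPLIT = {
    "site_a":  {"local": ["192.168.11.0/24"], "remote": ["192.168.1.0/24"]},
    "central": {"local": ["192.168.1.0/24"],  "remote": ["192.168.11.0/24"]},
}
FULL = {
    "site_a":  {"local": ["192.168.11.0/24"], "remote": ["0.0.0.0/0"]},
    "central": {"local": ["0.0.0.0/0"],       "remote": ["192.168.11.0/24"]},
}

def selectors_mirror(tunnel):
    """Each side's local networks must equal the peer's remote networks."""
    a, c = tunnel["site_a"], tunnel["central"]
    return (set(map(net, a["local"])) == set(map(net, c["remote"]))
            and set(map(net, a["remote"])) == set(map(net, c["local"])))

def enters_tunnel(side, src, dst):
    """True if a packet src -> dst leaving this side matches its selectors."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return (any(s in net(n) for n in side["local"])
            and any(d in net(n) for n in side["remote"]))

def report(tunnel, flows):
    """Evaluate each named flow as seen from Site A."""
    return {name: enters_tunnel(tunnel["site_a"], src, dst)
            for name, (src, dst) in flows.items()}

# Constructed sample flows from a Site A client (addresses are illustrative).
FLOWS = {
    "to_central_lan":  ("192.168.11.50", "192.168.1.10"),
    "to_internet_web": ("192.168.11.50", "203.0.113.80"),
}

if __name__ == "__main__":
    for label, tunnel in (("split", SPLIT), ("full", FULL)):
        print(label, "mirrored:", selectors_mirror(tunnel), report(tunnel, FLOWS))
```

With the first definition, web traffic to the internet never matches the tunnel selectors, which is why sending only web requests through the central site needs the additional policy route mentioned in the reply.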