nebula route for all internet traffic
Options
All Replies
-
Hi @FabrizioF,
Welcome to Zyxel Community!
May I comfirm your question is that you would like to make all devices under NSG50 to access the Internet via VPN site to site (Non-Nebula VPN peers)?
If so, you may configure a policy route "Type VPN, Src IP any, Dst IP (peer LAN IP address)" on NSG50 and configure a policy route "VPN, Src IP any, Dst IP (NSG LAN IP address) on peer site.
Also, configure a policy route on peer site to make all the subnets under NSG50 are able to surf the Internet.Adam0 -
Thanks Adam for the replyI did not understoond well if I have to do the route policy on both firewall or only on the NSG50.From the site where the NSG50 is, I want to direct all internet traffic to the non-Zyxel firewallthanks again0
-
@FabrizioF,
You have to configure the route policy on both site.
If you only configure it on NSG50 to make all traffic to non-nebula firewall, while no policy is set to the non-nebula firewall, traffic from NSG50 via VPN tunnel does not know where to go back.Adam0 -
Hi Adam, i have created route policy on NSG50 but not on the other firewall (through which all internet traffic will go out). His support has said me that isn't necessary.0
Zyxel Employee
Categories
- All Categories
- 393 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 51 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 906 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 210 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 63 Security Highlight
