How can I set up a client to site VPN with selective routing
We currently have an OpenVPN setup on our external network that allows our team to connect to the VPN and gain access to various cloud servers on our extended network. The VPN is set up to not forward all internet traffic but only traffic to selected routes within our infrastructure. This works really well but it is hosted on our external infrastructure.
We have a strong high-speed fibre connection at our HQ and we've been testing using a Zyxel USG40 as a VPN service as we have unused capacity on our connection. However - and this is where I reveal myself to be a little inexperienced - I'm struggling to find a way to limit the WAN traffic to only traffic to our cloud servers. It currently sends all traffic (LAN & WAN) through the VPN.
While it's good that the LAN traffic is correctly routed, we don't want all WAN traffic passing through our office if we can help it. Is this something possible with Zyxel devices or should I look at bringing our OpenVPN setup inside our office?
Comments
Hi @MIT
Welcome to the Zyxel community.
Adding a policy route can achieve this.
Here is an example of adding a policy route:
Go to Configuration > Network > Routing > Policy Route > click Add
Select the Incoming Interface, set the Destination Address to the server, and set the Next Hop to the tunnel.
After adding the rule for the destination server, add another rule for other traffic whose destination is not the server.
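The two-rule policy-route setup described in the reply above, modelled as an added example (not from the original thread and not Zyxel's code) so a rule list can be checked before it is entered in the GUI. It assumes rules are evaluated top-down with the first match winning; the interface names and the 203.0.113.0/24 cloud-server range are constructed placeholders.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class PolicyRoute:
    name: str
    incoming: str      # incoming interface the rule applies to (constructed label)
    destination: str   # CIDR; "0.0.0.0/0" means any destination
    next_hop: str      # where matching traffic is sent (constructed label)

    @property
    def net(self):
        return ipaddress.ip_network(self.destination)

def next_hop(rules, incoming, dst_ip):
    """Return (rule name, next hop) of the first matching rule, or None."""
    addr = ipaddress.ip_address(dst_ip)
    for r in rules:
        if r.incoming == incoming and addr in r.net:
            return r.name, r.next_hop
    return None

def shadowed(rules):
    """Names of rules that can never match because an earlier rule on the
    same incoming interface already covers their whole destination range."""
    out = []
    for i, r in enumerate(rules):
        if any(e.incoming == r.incoming and r.net.subnet_of(e.net)
               for e in rules[:i]):
            out.append(r.name)
    return out

# Constructed addressing: 203.0.113.0/24 stands in for the cloud servers.
RULES = [
    PolicyRoute("to-cloud", "lan1", "203.0.113.0/24", "vpn-tunnel"),
    PolicyRoute("other", "lan1", "0.0.0.0/0", "wan1"),
]

if __name__ == "__main__":
    for dst in ("203.0.113.10", "198.51.100.7"):
        print(dst, "->", next_hop(RULES, "lan1", dst))
    print("shadowed (server rule first):", shadowed(RULES))
    print("shadowed (catch-all first):", shadowed(list(reversed(RULES))))
```

With the catch-all rule listed first, the server rule is reported as shadowed, meaning cloud-server traffic would leave via the WAN next hop instead of the tunnel.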