nebula route for all internet traffic
Options
All Replies
-
Hi @FabrizioF,
Welcome to Zyxel Community!
May I comfirm your question is that you would like to make all devices under NSG50 to access the Internet via VPN site to site (Non-Nebula VPN peers)?
If so, you may configure a policy route "Type VPN, Src IP any, Dst IP (peer LAN IP address)" on NSG50 and configure a policy route "VPN, Src IP any, Dst IP (NSG LAN IP address) on peer site.
Also, configure a policy route on peer site to make all the subnets under NSG50 are able to surf the Internet.Adam0 -
Thanks Adam for the replyI did not understoond well if I have to do the route policy on both firewall or only on the NSG50.From the site where the NSG50 is, I want to direct all internet traffic to the non-Zyxel firewallthanks again0
-
@FabrizioF,
You have to configure the route policy on both site.
If you only configure it on NSG50 to make all traffic to non-nebula firewall, while no policy is set to the non-nebula firewall, traffic from NSG50 via VPN tunnel does not know where to go back.Adam0 -
Hi Adam, i have created route policy on NSG50 but not on the other firewall (through which all internet traffic will go out). His support has said me that isn't necessary.0
Categories
- All Categories
- 397 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 78 Nebula Status and Incidents
- 5.1K Security
- 52 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 70 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 332 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 880 Nebula FAQ
- 415 Security FAQ
- 221 Switch FAQ
- 195 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 63 Security Highlight