IPSec Tunnel Question

L2 Linker

IPSec Tunnel Question

I have a IPSec tunnel up where the Peer IP is the same as the Remote IP (Proxy ID - Remote).  The Tunnel is up, but traffic destined for that Remote IP isn't traversing the tunnel.  Typically, there is a Private IP as the Remote and a static route could then be set in Virtual Router to send the traffic back across the tunnel.  I'm sure I'm not the first this has happend to, but I'm not entirely sure how to resolve this.  Anyone out here know how to get traffic back across this tunnel?  Both phases of the tunnel is established.

L7 Applicator

Re: IPSec Tunnel Question

Hi @Brad.Herbert

 

I see two possibilities on how to solve this:

  1. Create a policy based forwarding rule so that ypur internal network will be able to reach this public IP over the tunnel instead of directly over the internet
  2. Create a separate virtual router where you add your tunnel interface (and depending on the use of the firewall also your internal interface). In this seperate virtual router you could then configure a route for this public IP with the tunnelinterface as destinationinterface without affecting the IPSec traffic that the firewall needs to be able to send directly over the internetinterface.

I hope this helps.

 

Regards,

Remo

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!