EFW Support

Hello.

We have 2 office, efw 2.5.1 and IPSEC tunnel between. How to send all traffic into IPSEC tunnel from second office? We need send all traffic from PC_2 into IPSEC tunnel to MAIN_OFFICE:

PC_1---GREEN-LAN---MAIN_OFFICE =====IPSEC=====SECOND_OFFICE ---GREEN-LAN---PC_2

thx for help.

Can you try this..  ;D ;D ;D https://endian.zendesk.com/entries/20059443-ssl-vpn-how-to-create-a-net (https://endian.zendesk.com/entries/20059443-ssl-vpn-how-to-create-a-net)

OpenVPN is not IPSEC  :-\

ok.. if ever try this.. https://endian.zendesk.com/entries/20059403-ipsec-vpn-how-to-create-a-net-to-net-connection-endian-to-endian (https://endian.zendesk.com/entries/20059403-ipsec-vpn-how-to-create-a-net-to-net-connection-endian-to-endian) if not can you try to GOOGLE.. ;)

We ALREADY have IPSEC tunnel between MAIN_OFFICE and SECOND_OFFICE!

It's work fine, but when open browser or mail client on PC_2 all traffic goes through SECOND_OFFICE_EFW-->INTERNET.

We need this:
PC_2 --> SECOND_OFFICE_EFW --> IPSEC --> MAIN_OFFICE_EFW --> INTERNET

How to make it through the firewall or routing rules?

Perhaps I am missing something, but it sounds like your problem doesn't really involve IPSec, per se.

In other words, you can currently:

• Connect to the internet from either site.
• Communicate between the two sites via IPSec.

However, the issue you seem to be having is that you want to force all internet traffic from a specific device to travel across the IPSec tunnel and be sent out over the internet connection at the other site. Is that correct?

Tom

Also, if that is the case, then you likely can accomplish what you want via Policy Routing, which is located under "Network > Routing". Specify the source, the destination, and the service, and then how to route that traffic.

You would also use this feature to route traffic from certain computers/interfaces/subnets over a specific WAN uplink if you so desired.

Tom

Wouldn't a simple default gateway entry of the main office EFW machine solve this problem?