Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
albertcuy
Explorer

Route VPN users through gateway for specific external sites only

Good day everyone,

   Hope everybody is keeping safe and healthy.

   So aside from access to our internal systems, our users also need access to external sites for research. These sites restrict access to our campus public IPs, so somehow i need to add specific routes on the VPN client side to do this.

    Can anyone point me to the right documentation? i've added external sites to the VPN domain(even though i'm not sure if this is wise). i've checked that routes indeed have been added to the client's routing table, and i've verified that traffic from VPN client -> external site is being allowed through...but it still doesn't work. Is there anything else i need to check/do ?

     Thanks

 

    

   

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

I presume you need some NAT rules in place for this.
Have you configured that?

0 Kudos
albertcuy
Explorer

Yes sir. i enabled the automatic NAT rules for the whole VPN subnet. But i don't see the NAT'ing in the logs.

0 Kudos
PhoneBoy
Admin
Admin

I presume you did it this way:

Configure NAT for the Office Mode network:

  1. In SmartDashboard, open the Office Mode network properties.
  2. Go to "NAT" tab.
  3. Check the box "Add Automatic Address Translation rules".
  4. In "Translation method" field, select "Hide" and then select "Hide behind Gateway".
  5. Click on 'OK'.
0 Kudos
albertcuy
Explorer

Yes sir, exactly like that 😀

0 Kudos
PhoneBoy
Admin
Admin

What version/JHF level?
Seems like it might be a bug since many customers use a similar configuration (albeit using "Route All Traffic").

0 Kudos