Route Web Traffic Locally

I have a simple BOVPN setup and working. I want the web traffic at the remote site to be routed locally, not over the BOVPN. Is that possible? All the articles I've found are talking about routing web traffic over the VPN. I understand the advantages of this, but I need the remote user a back way to get out if the VPN is down so support can get to their PC.

Comments

  • edited August 2019

    Are we talking about Branch Office VPN or Mobile VPN? BOVPN requires two Fireboxes.. So there is no reason why traffic from the trusted network to External would not go out that Firebox rather than through the tunnel.

    Mobile VPN only requires one Firebox and a PC/Mac user with a home router ( or a seat in Starbucks ;) .. If you are talking about the Mobile VPN, then there is an option to set Internet traffic not to got through the VPN..

    Adrian from Australia

  • If you have a zero/default route BOVPN, then no, as that says to route all outgoing packets over the BOVPN.

    This suggests that SSLVPN access to the remote firewall might work:
    Mobile VPN with IPSec and IKEv2 users cannot connect to Firebox network included in zero-route VPN
    https://watchguardsupport.secure.force.com/publicKB?type=KBKnownIssues&SFDCID=kA40H000000J55MSAS&lang=en_US

    Consider opening a support incident on this.

  • xxup - BOVPN, XTM25 and a T15
    Bruce - It makes no send to have the remote user SSLVPN to the firebox that sits on their desk driving them telephone and printers off the VPN tunnel, hahahaha.

    Are you saying a tech skupport incident would let the web traffic go out locally without the SSLVPN?

  • Via a support incident, you can find out IF and HOW you can do what you want.

    Your support could potentially get to the user's PC via SSLVPN to the remote user's firewall.

Sign In to comment.