gateway remote on vpn site to site

wolfwebwolfweb Member Posts: 2  Freshman Member
Hi, I have a ipsec vpn site to site active from site1 to site2 
I need for one computer ip on site2 to get internet from gateway
to exit with router on site1
help me, thanks
sorry for my bad english.


  • CooldyCooldy Member Posts: 2  Freshman Member


    For this scenario, it need to add policy route on both Site 1 and Site 2, configuration as below,

    Site 1:

    incoming interface = any, src ip =any, dst ip =, service=any, next hop type = VPN tunnel.                                                                                                         <= Routing back to site 2

    incoming interface = VPN tunnel, src ip =, dst ip =any , service=any, next type=Auto, source network address translation = outgoing-interface.    <= Outgoing traffic NAT


    Site 2:

    incoming interface = lan, src ip =, dst ip =any, service=any, next hopt (type=vpn tunnel, tunnel name= site to site vpn tunnel you created)             <= Redirect the traffic to Site 1.

    Just let me know if the host cannot access Internet by site1.

  • wolfwebwolfweb Member Posts: 2  Freshman Member
    Hi thanks very much for your information, that work fine.

    Now I have to test if the pc (castellanzaprelievi) manages to follow the routes to the wan1/wan2/opt set according to the destination of the services and ip on site1:

Sign In to comment.