Screen OS

  • 1.  route traffic through main office via VPN

    Posted 11-13-2012 19:39

    Hi all,

     

    We have three offices: HQ, branchA & branchB. I need to route all internet traffic from branchA & branchB through HQ.

     

    All three offices are already connected via IPSec tunnel.

     

    Kindly advise on the route for each branch and the policy needed for HQ.

     

    Thank you.



  • 2.  RE: route traffic through main office via VPN
    Best Answer

     
    Posted 11-13-2012 20:37

    Hello,

     

    You can configure a route-based IPSec VPN between the branches and the HQ site.

    On the branches configure a /32 route for HQ public IP pointing to their respective ISP gateway IPs.

    And configure default route pointing to tunnel interface.

     

    On HQ site configure a policy from the zone in which tunnel lies to the zone where internet traffic is going out and put source NAT on that policy.

     

    Regards

    Sarab
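
The branch-side routing from the answer above can be checked mechanically. This is an added example, not part of the original post: it parses `set route` lines and confirms, by longest-prefix match, that the HQ public IP leaves via the ISP gateway while everything else follows the default route into the tunnel. The addresses (documentation ranges), interface names and the probe address are constructed assumptions.

```python
import ipaddress

# Constructed branch config: documentation addresses, hypothetical interface names.
BRANCH_CONFIG = """\
set route 203.0.113.10/32 interface ethernet0/0 gateway 198.51.100.1
set route 0.0.0.0/0 interface tunnel.1
"""

def parse_routes(config):
    """Parse 'set route <prefix> interface <if> [gateway <ip>]' lines."""
    routes = []
    for line in config.splitlines():
        tok = line.split()
        if tok[:2] != ["set", "route"] or "interface" not in tok:
            continue
        net = ipaddress.ip_network(tok[2], strict=False)
        iface = tok[tok.index("interface") + 1]
        gw = tok[tok.index("gateway") + 1] if "gateway" in tok else None
        routes.append((net, iface, gw))
    return routes

def lookup(routes, dest):
    """Longest-prefix match: the most specific route covering dest, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def check_branch(config, hq_public_ip, internet_probe="192.0.2.80"):
    """Return a list of problems; an empty list means routing matches the advice."""
    routes = parse_routes(config)
    problems = []
    peer = lookup(routes, hq_public_ip)
    if peer is None:
        problems.append("no route to HQ public IP")
    elif peer[1].startswith("tunnel."):
        # Without the /32, the tunnel endpoint itself follows the default route.
        problems.append("HQ public IP resolves to the tunnel, not the ISP gateway")
    inet = lookup(routes, internet_probe)
    if inet is None or not inet[1].startswith("tunnel."):
        problems.append("internet traffic does not follow the tunnel to HQ")
    return problems

if __name__ == "__main__":
    print(check_branch(BRANCH_CONFIG, "203.0.113.10") or "OK")
```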



  • 3.  RE: route traffic through main office via VPN

    Posted 11-14-2012 00:34

    Hi Sarab,

     

    Great, it works; it saved me days of testing.

     

    One more thing: if I set the HQ tunnel zone to Trust and the branchA tunnel zone to Trust, it is not necessary to define any traffic policy between HQ & branchA, right?

     



  • 4.  RE: route traffic through main office via VPN

     
    Posted 11-14-2012 02:09

    I am glad that the query is resolved. Regarding the other question, if you put both the tunnels in trust and the network to be accessed across the VPN is also in the trust zone, then you do not require any policy for traffic between HQ and Branch.

     

     

    Regards

    Sarab
