You can force all traffic from VPN clients or clients in protected networks to be routed through a policy-based VPN.
Before you begin
You must have a working VPN between all gateways.
Routing all traffic from VPN clients or clients in protected networks through a policy-based VPN allows the traffic to be inspected centrally.
For more details about the product and how to configure features, click Help or
press F1.
Steps
-
Enable NAT for tunneled traffic in the Policy-Based VPN element’s properties.
-
Change the mode of the central gateway’s sites in this policy-based VPN to
Private and replace them with a Site element that contains the
Any Network element. Disable the
Any Network Site in other VPNs.
-
Reconfigure the policy:
-
Create Access rules.
-
Create NAT rules that translate any private IP addresses to public addresses for the Internet.
-
Redirect the traffic from external components to the central gateway as necessary.
For VPN Gateways elements, add an Access rule that sends the allowed traffic to the VPN.
-
(VPN Clients only) Configure the Virtual Adapter.