Solved: SDWAN is blocking external IPSec traffic ... so VPN is broke, can I bypass and route inbound VPN tra...

TFougere · ‎09-10-2018

I currently have SDWan deployed in my environment, sitting behind the edge router(s) and it works great!

Aggregation, fault tolerant, optimization,etc.

However, it cannot forward inbound IPSec traffic to my SSLVPN appliance. Can I route 1of my external IPs to a 2 port on my edge router and bypass the SDWan and into a alternate port on my firewall?

Would WCCP work?

paul driver · ‎09-10-2018

Hello

@TFougere wrote: Can I route 1of my external IPs to a 2 port on my edge router and bypass the SDWan and into a alternate port on my firewall?
Would WCCP work?

Policy based routing maybe able to do this?

specify what network or host you wish to policy route and attach the policy route map to the interface of the originating source with a valid next hop towards your FW

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

paul driver · ‎09-10-2018

Hello

@TFougere wrote: Can I route 1of my external IPs to a 2 port on my edge router and bypass the SDWan and into a alternate port on my firewall?
Would WCCP work?

Policy based routing maybe able to do this?

specify what network or host you wish to policy route and attach the policy route map to the interface of the originating source with a valid next hop towards your FW

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

SDWAN is blocking external IPSec traffic ... so VPN is broke, can I bypass and route inbound VPN traffic to another port