Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

Question

I have two physical locations 1) Main Office has SRX5380 2) Remote Office FVG318. I have a VPN established between the two location, however I can not get the Http Traffic from the Remote Office through the tunnel to the Main Office using the Main Office IP address to access the internet.&nbsp; I have attached a file showing the IKE and VPN configuartion policies I am using and I am stuck -- Please help - Thanks
&nbsp;

DaneA · Answer

Hi phoenixrising20,

&nbsp;

Kindly try the following steps below:

&nbsp;

1. On the web-GUI of the SRX5308, go to VPN &gt; IPSec VPN &gt; VPN Policies.&nbsp; Disable the corresponding VPN Policy then click Edit.

In the General section, uncheck Enable NetBIOS.
 In the Traffic Selection section, select Any on the Remote IP dropdown field.
 Click Apply.

2. On the&nbsp;web-GUI of the FVG318,&nbsp;go to VPN &gt; Policies &gt; VPN Policies.&nbsp; Disable the corresponding VPN Policy then click Edit.

In the General section, uncheck Enable NetBIOS.
 In the Traffic Selection section, select Any on the Local&nbsp;IP dropdown field.
 Click Apply.

Let me share the forum thread below because your concern seems to be similar to it:

&nbsp;

https://community.netgear.com/t5/Hardware-VPN-Firewalls-and/In-site-to-site-VPN-I-need-all-internet-traffic-to-exit-site-A/td-p/1084574

&nbsp;

Regards,

&nbsp;

DaneA

NETGEAR Community Team

phoenixrising20 · Answer

Hi Thanks you for the respose.&nbsp; I did see that solution posted, however when I make the changes as indicated,&nbsp; the internet connect from the remote office goes down.&nbsp; Do I have to configure any routes on at the Main Office SRX5380 to pass the traffic out to the internet?
&nbsp;

DaneA · Answer

phoenixrising20,

&nbsp;

Kindly answer the questions below:

&nbsp;

a. On the web-GUI of the FVG318 on&nbsp;the Remote Site, go to&nbsp;Monitoring &gt; Diagnostics.&nbsp; Then, check the box that says "Ping through a VPN tunnel?" and select the corresponding Gateway.&nbsp; Enter the LAN IP Address of the SRX5308 on&nbsp;the Main Office and click the Ping button.&nbsp; Are you able to get replies?&nbsp;

&nbsp;

b. Still on&nbsp;he web-GUI of the FVG318 on&nbsp;the Remote Site, go to&nbsp;Monitoring &gt; Diagnostics.&nbsp; Then, check the box that says "Ping through a VPN tunnel?" and select the corresponding Gateway.&nbsp; Enter google.com and click the Ping button.&nbsp; Are you able to get replies?&nbsp;

&nbsp;

Do I have to configure any routes on at the Main Office SRX5380 to pass the traffic out to the internet?

There is no option to configure a route either coming from or going to the VPN tunnel.&nbsp;&nbsp;

&nbsp;

Be reminded that the IPSec VPN throughput of the FVG318 is 1Mbps while the&nbsp;IPSec VPN throughput of the SRX5308 is 180Mbps.&nbsp; Do you have a spare SRX5308 to deploy on the Remote Site to isolate the problem?&nbsp;

&nbsp;

Regards,

DaneA

NETGEAR Community Team

phoenixrising20 · Answer

Thank you for the performance information on the&nbsp;FVG318 VPN,&nbsp; I was not aware of that looks like I should update that hardware before moving forward.&nbsp; I will update the forum when I get new hardware.
&nbsp;

Forum Discussion

Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

4 Replies

Related Content

Configuring the Orbi RBK752 kit with an at&t Fiber BGW320-500 Gateway

Gateway VPN SRX5308 to Cisco RV320

Problem configuration default gateway switch M4300

Traffic shaping configurations on SRX5308

New Gateway and Access Point

NETGEAR Academy

ProSupport for Business