Orbi WiFi 7 RBE973
Reply

Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

phoenixrising20
Aspirant

Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

I have two physical locations 1) Main Office has SRX5380 2) Remote Office FVG318. I have a VPN established between the two location, however I can not get the Http Traffic from the Remote Office through the tunnel to the Main Office using the Main Office IP address to access the internet.  I have attached a file showing the IKE and VPN configuartion policies I am using and I am stuck -- Please help - Thanks

 

Model: FVG318|ProSafe 802.11g Wireless VPN Firewall 8-ports,SRX5308|PROSAFE Gigabit Quad WAN SSL & IPSEC VPN Firewall
Message 1 of 5
DaneA
NETGEAR Employee Retired

Re: Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

Hi @phoenixrising20,

 

Kindly try the following steps below:

 

1. On the web-GUI of the SRX5308, go to VPN > IPSec VPN > VPN Policies.  Disable the corresponding VPN Policy then click Edit.

  • In the General section, uncheck Enable NetBIOS.
  • In the Traffic Selection section, select Any on the Remote IP dropdown field.
  • Click Apply.

2. On the web-GUI of the FVG318, go to VPN > Policies > VPN Policies.  Disable the corresponding VPN Policy then click Edit.

  • In the General section, uncheck Enable NetBIOS.
  • In the Traffic Selection section, select Any on the Local IP dropdown field.
  • Click Apply.

Let me share the forum thread below because your concern seems to be similar to it:

 

https://community.netgear.com/t5/Hardware-VPN-Firewalls-and/In-site-to-site-VPN-I-need-all-internet-...

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 5
phoenixrising20
Aspirant

Re: Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

Hi Thanks you for the respose.  I did see that solution posted, however when I make the changes as indicated,  the internet connect from the remote office goes down.  Do I have to configure any routes on at the Main Office SRX5380 to pass the traffic out to the internet?

 

Message 3 of 5
DaneA
NETGEAR Employee Retired

Re: Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

@phoenixrising20,

 

Kindly answer the questions below:

 

a. On the web-GUI of the FVG318 on the Remote Site, go to Monitoring > Diagnostics.  Then, check the box that says "Ping through a VPN tunnel?" and select the corresponding Gateway.  Enter the LAN IP Address of the SRX5308 on the Main Office and click the Ping button.  Are you able to get replies? 

 

b. Still on he web-GUI of the FVG318 on the Remote Site, go to Monitoring > Diagnostics.  Then, check the box that says "Ping through a VPN tunnel?" and select the corresponding Gateway.  Enter google.com and click the Ping button.  Are you able to get replies? 

 

Do I have to configure any routes on at the Main Office SRX5380 to pass the traffic out to the internet?

There is no option to configure a route either coming from or going to the VPN tunnel.  

 

Be reminded that the IPSec VPN throughput of the FVG318 is 1Mbps while the IPSec VPN throughput of the SRX5308 is 180Mbps.  Do you have a spare SRX5308 to deploy on the Remote Site to isolate the problem? 

 

 

Regards,


DaneA

NETGEAR Community Team

Message 4 of 5
phoenixrising20
Aspirant

Re: Configure SRX5308 and FVG318 Gateway VPN to pass all Http traffic through tunnel out at SRX5380

Thank you for the performance information on the FVG318 VPN,  I was not aware of that looks like I should update that hardware before moving forward.  I will update the forum when I get new hardware.

 

Message 5 of 5
Discussion stats
  • 4 replies
  • 1835 views
  • 0 kudos
  • 2 in conversation
Announcements