

How to forward SSL VPN remote end traffic over IPSEC VPN via Seqrite UTM.

05-01-2022 11:57:09

Overview: This article explains how to route SSL VPN remote end traffic over IPSEC VPN.

Applicable Versions: UTMv2.0 and above

Scenario:

1: The customer has configured an IPSEC VPN between two locations, for example location “Head Office” and location “Branch”.

2: The customer has an SSL VPN configured at one of these locations (location “Head Office” in the diagram) and wants to access the network located at location “Branch” via the SSL VPN remote client.

Diagram:

Head Office:

LAN ETH0 : 192.168.1.0/24

WAN ETH1: 192.168.2.100

SSL VPN configured at Head Office with Virtual network 10.10.10.0/24

Branch Office:

LAN ETH0: 192.168.0.0/24

WAN ETH1: 192.168.3.100

Step 1: Add the SSL VPN virtual network 10.10.10.0/24 to the IPSEC VPN local networks at the Head Office end.

At Head Office:

Step 2: Add the SSL VPN virtual network 10.10.10.0/24 to the IPSEC VPN remote networks at the Branch Office end.

Step 3: Add the remote IPSEC route in the SSL VPN remote client under additional command as defined in the image shown below.

Step 4: Create a VPN-to-VPN any rule on the devices at both ends. Also create a UTM-to-WAN rule with the remote end's local network in the destination zone, with SNAT.

The IP to be added in SNAT is the SSL VPN remote server gateway. To get the gateway IP, access the CLI and run the command ifconfig.
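
A pre-change check for Steps 1 and 2, added here as an example and not part of the Seqrite article or product: it confirms that the SSL VPN virtual network appears at both ends, that each end's local networks match the other end's remote networks, and that nothing overlaps. The dict layout and function name are hypothetical, and matching selectors at both ends is assumed to be required.

```python
import ipaddress

# Addresses taken from the article's diagram.
HEAD_OFFICE_LAN = "192.168.1.0/24"
BRANCH_LAN = "192.168.0.0/24"
SSL_VPN_POOL = "10.10.10.0/24"


def _nets(cidrs):
    return {ipaddress.ip_network(c) for c in cidrs}


def check_selectors(head, branch, ssl_pool=SSL_VPN_POOL):
    """Return a list of problems with the IPsec local/remote networks.

    head and branch are dicts (hypothetical layout):
    {"local": [cidr, ...], "remote": [cidr, ...]}.
    """
    problems = []
    pool = ipaddress.ip_network(ssl_pool)
    h_local, h_remote = _nets(head["local"]), _nets(head["remote"])
    b_local, b_remote = _nets(branch["local"]), _nets(branch["remote"])

    # Step 1: the SSL VPN pool must be a local network at Head Office.
    if not any(pool.subnet_of(n) for n in h_local):
        problems.append("step 1: SSL VPN pool missing from Head Office local networks")
    # Step 2: the same pool must be a remote network at Branch Office.
    if not any(pool.subnet_of(n) for n in b_remote):
        problems.append("step 2: SSL VPN pool missing from Branch Office remote networks")
    # Assumption: each end's local list must equal the other end's remote list.
    if h_local != b_remote:
        problems.append("mismatch: Head Office local != Branch Office remote")
    if h_remote != b_local:
        problems.append("mismatch: Head Office remote != Branch Office local")
    # A network on both sides of one tunnel cannot be routed unambiguously.
    for name, local, remote in (("Head Office", h_local, h_remote),
                                ("Branch Office", b_local, b_remote)):
        for a in sorted(local, key=str):
            for b in sorted(remote, key=str):
                if a.overlaps(b):
                    problems.append(f"overlap at {name}: {a} and {b}")
    return problems


if __name__ == "__main__":
    head = {"local": [HEAD_OFFICE_LAN, SSL_VPN_POOL], "remote": [BRANCH_LAN]}
    branch = {"local": [BRANCH_LAN], "remote": [HEAD_OFFICE_LAN]}  # Step 2 skipped
    for problem in check_selectors(head, branch):
        print(problem)
```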