Route external traffic via VPN?

mattkeenan · February 21, 2023, 1:27pm

Hi, i’m trying to configure so as to permit traffic originating on the LAN to access the Internet.

I’ve followed the guide re. changing the NAT type and enabling WAN forwarding but this didn’t yield any result (gateway set correctly on LAN host requiring external access and using Google’s DNS).

The customer corporate network is locked down pretty tight and ICMP packets to 8.8.8.8 are being filtered by some switch somewhere (evidently eWon is split tunnelling).

It seems what i want to achieve should be possible by ensuring VpnRedirect is set to 1 but this doesn’t help. Is it possible to enable forwarding and simultaneously ensuring all traffic is routed via the VPN?

Thanks.

kyle_HMS · February 21, 2023, 2:56pm

VPN redirect should be set to 0 to allow the LAN devices to access the internet:

NatItf = 2 (NAT and TF on WAN)
VPNRedirect = 0 (Allow traffic outside the VPN tunnel)
FwrdToWAN = 1 (Forward LAN traffic to WAN)
**MUST reboot to apply the changes**

See: https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/knowledge-base/ssh-0068-00-en-allow-internet-access-for-ewon-cosy-lan-devices.pdf

No, if all traffic is routed to the VPN, it can’t also be forwarded to the WAN.

mattkeenan · February 21, 2023, 4:12pm

Thanks Kyle.

Yes I did try that but traffic was being blocked by the corporate firewall, I was hoping I could route it all out down the tunnel and out to internet via T2M servers.

No problem, thanks for your answer.

kyle_HMS · February 21, 2023, 5:19pm

Yeah, I’m sorry, but you can’t access the internet through the T2M VPN Servers unfortunately.