0 votes
2,077 views 3 comments
by
Hello

I have a UTM in my head office and a Teltonika RUT 950 in the branch office. The UTM and the Teltonika are connected via IPSec. Both sides can reach each other. I would like to route all traffic from the branch office to my UTM via IPSec, where I can analyze traffic and create secure rules, NAT rules, etc. Is this possible on the RUT950? If yes, how can I do this?

Regards

Grzegorz

1 Answer

0 votes
by anonymous

Hello,

I am sharing instructions on how to implement such a solution. I hope this will help you.

by
Hello. Thank you for sharing the instructions. My first step in configuring internet access through IPsec was entering 0.0.0.0/0 in the remote network field. The difference from your instructions was that the left and right firewall were enabled in my configuration. But even with the left and right firewall unchecked in the configuration, routing still doesn't work properly. My local network (RUT 950 site) is 192.168.1.0/24. The RUT 950 has 192.168.1.1. When I enable IPSec and the connection is established, I lose connection to the RUT 950 from the LAN side. I can't ping 192.168.1.1 from a device connected to a LAN port. I have to disable the IPSec connection on my UTM device, or restart the RUT 950 and disable IPSec before the connection is established, to restore the LAN connection. Do you have any other idea what can be wrong in my configuration?
by anonymous
The router has IPsec passthrough functionality. If you want all traffic to be routed through the IPsec tunnel, you can enable passthrough in IPsec settings by entering your UTM IP address in the Custom field.
by anonymous
Hi

I have this exact same problem. I am doing IPSec between RUT950 and a Watchguard M290.

I want to send all client traffic from the RUT local network 10.100.203.0/24 through IPSec tunnel.

I configure the tunnel with local subnet 10.100.203.0/24 (RUT) and remote subnet 0.0.0.0/0 (Watchguard). The tunnel goes up, but I lose contact with the RUT on the LAN interface as soon as the tunnel is established. The RUT also stops serving DHCP on the LAN. However, the tunnel is up and running, and I can ping the RUT IP at 10.100.203.254 from the remote end of the tunnel.

To re-establish contact with RUT I need to disconnect WAN (to stop tunnel from establishing) and then power cycle the device.

This clearly must be something broken in the implementation in RUT?

When changing remote subnet to i.e. 192.168.1.0/24 everything is working perfectly just as expected.
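
Added example, not part of the thread and not Teltonika's code: a simplified model of selector-based IPsec policy lookup, showing that a remote selector of 0.0.0.0/0 also covers the router's own replies to LAN clients, while a remote selector of 192.168.1.0/24 does not. The most-specific-match rule, the `lan-local` bypass policy and the client and internet addresses are assumptions of this model, not RutOS settings.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    name: str
    src: str     # local traffic selector (CIDR)
    dst: str     # remote traffic selector (CIDR)
    action: str  # "protect" = send into the tunnel, "bypass" = leave in the clear

    def matches(self, src_ip: str, dst_ip: str) -> bool:
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst))

    def specificity(self) -> int:
        # Longer prefixes describe a narrower selector.
        return (ipaddress.ip_network(self.src).prefixlen
                + ipaddress.ip_network(self.dst).prefixlen)


def decide(policies, src_ip, dst_ip):
    """Action of the most specific matching policy; 'bypass' if nothing matches."""
    hits = [p for p in policies if p.matches(src_ip, dst_ip)]
    return max(hits, key=Policy.specificity).action if hits else "bypass"


LAN = "10.100.203.0/24"  # RUT local subnet from the last comment
TUNNEL_ALL = Policy("to-utm", LAN, "0.0.0.0/0", "protect")
TUNNEL_NARROW = Policy("to-remote-lan", LAN, "192.168.1.0/24", "protect")
LAN_BYPASS = Policy("lan-local", LAN, LAN, "bypass")  # hypothetical exception

# Constructed sample flows: (source, destination)
FLOWS = {
    "router reply to LAN client": ("10.100.203.254", "10.100.203.20"),
    "LAN client to internet": ("10.100.203.20", "198.51.100.7"),
}


def report(policies):
    return {label: decide(policies, s, d) for label, (s, d) in FLOWS.items()}


if __name__ == "__main__":
    for name, pols in [("0.0.0.0/0 only", [TUNNEL_ALL]),
                       ("192.168.1.0/24 only", [TUNNEL_NARROW]),
                       ("0.0.0.0/0 + LAN bypass", [TUNNEL_ALL, LAN_BYPASS])]:
        print(name, report(pols))
```
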