To connect your routed client-to-site VPN to your network, you must add a forwarding access rule to direct traffic between the tunnel, the remote network, and the home network.
Before You Begin
Before creating your forwarding access rules, you need the following information:
- The published VPN network(s)
- The VPN client network(s)
Step 1. Create a Network Object for the Published VPN Networks
Create a custom network object for the published VPN networks. If more networks are added to published VPN networks, update the network object to reflect these changes.
- Include Entries – For each published VPN network, enter the IP address and click + to add it to the list.
For more information, see Network Objects.
Step 2. Create a Redirect to Service Access Rule
Create a Redirect to Service access rule to redirect incoming VPN connections on the dynamic interface to the VPN server listening on the local IP address.
- Go to FIREWALL > Access Rules.
- Click Add Access Rule. The Add Access Rule window opens.
- Enter a Name for the rule. E.g.,
- Specify the following settings:
- Action – Select Redirect to Service.
Source – The source addresses of the traffic. E.g., Any.
- Redirect to Service Details – Select the VPN network object.
Destination – Select the network object corresponding to your Internet connection type (DHCP, 3G, or DSL).
- Click Save.
- Move the access rule above the BLOCKALL rule so it is the first access rule to match incoming VPN traffic.
- Click Save.