Two entry points, two online links. Direct specific content to each one.
At our location we connect via a VPN from a head office. We don’t use a standard corporate network and need bypass for certain content. I’ve configured custom routing on PCs to allow email traffic through a second gateway, but Cloudflare features often block ports when routed through the VPN. A proxy in Chrome works on another machine but can be problematic if it stops functioning. My SonicWall is accessible, so I set it up to forward traffic to 10.62.84.253 for all devices. The main mail server works fine, but things like internet radio or TeamViewer fail because they can’t reach the VPN. I need a way to route specific pages through one gateway while keeping others on the second network. Can we set up different routing rules so some content goes to the first gateway and everything else to the second?
You can set your .253 router as the primary default gateway and include static routes for your VPN IPs on each device to route through .1. Refer to the guide: https://www.howtogeek.com/howto/windows/...ing-table/
I attempted static routing but it doesn’t direct web pages properly. If I configure a static route for something like Telnet, it should follow that route. However, when the same IP has a web server, it bypasses the static route and uses the default gateway instead.
Static routing functions for every type of traffic, such as web data. It is only absent when the browser is set to rely on a proxy server.
For testing, teamviewer.com was blocked on the main firewall [13.95.16.245]. I set up a persistent route to the second firewall, which is still passing through the primary and showing as blocked. I suspect the DNS handling is on the primary network. Despite this, I haven’t been able to forward any web pages, though other services are working.
It seems I need to experiment with this setup. The SonicWall offers many linked options, but my familiarity is limited, making it possibly the simplest approach if I can navigate it. Added note: In the wall I set up an Address Object for the other firewall, assigning it LAN, HOST, and IP 10.62.87.1. For the website, I created an object to use as a gateway—WAN, HOST—and its IP is 10.62.87.1. Then I defined a route policy with specific settings: source any, destination website address, gateway the other firewall, interface X0 (with X1 as second faster WAN and X0 as LAN), and metric prioritizing it at 5. So far, it doesn’t forward to the other WAN. I ran a test for a page that works on both and used a traceroute to check if internal VPN traffic is being routed through our ISP instead of the corporate network. This is important not just because our email server and some services are blocked, but also due to slowdowns from a 2Mbps VPN connection versus a 40Mbps internet link.
I solved it using your suggested approach with a single object. I had to rely on our internal DNS server to handle the resolution. I hadn't considered it before, as I was focusing on getting an internal page based on a name address instead of an IP.
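The thread turns on the fact that routes match destination IP addresses, not names, so a host route only helps if the name resolves to the address it covers. The sketch below is an added example, not code from any poster: it applies longest-prefix matching to a route table and reports which resolved addresses still leave through the default gateway. The gateway roles, metrics and the second DNS answer are assumptions constructed for illustration.

```python
import ipaddress

def build_table(routes):
    """Parse (cidr, gateway, metric) tuples into a route table."""
    return [(ipaddress.ip_network(c), gw, m) for c, gw, m in routes]

def select_route(table, dest):
    """Pick the route an IP stack would use: longest prefix, then lowest metric."""
    ip = ipaddress.ip_address(dest)
    candidates = [r for r in table if ip in r[0]]
    if not candidates:
        return None  # no default route and no specific match
    return max(candidates, key=lambda r: (r[0].prefixlen, -r[2]))

def audit_hostname(table, answers, default_gw):
    """Map each resolved address to its gateway and list the ones
    that fall through to the default gateway."""
    chosen = {}
    for ip in answers:
        route = select_route(table, ip)
        chosen[ip] = route[1] if route else None
    uncovered = [ip for ip, gw in chosen.items() if gw == default_gw]
    return chosen, uncovered

# Assumed roles, taken from addresses mentioned in the thread:
DEFAULT_GW = "10.62.84.253"   # assumed default gateway
SECOND_GW = "10.62.87.1"      # assumed target of the persistent route

TABLE = build_table([
    ("0.0.0.0/0", DEFAULT_GW, 10),
    ("13.95.16.245/32", SECOND_GW, 5),   # host route for the tested address
])

# Constructed DNS answers: one resolver returns only the routed address,
# another returns an extra address (203.0.113.10 is a documentation IP).
ANSWERS_RESOLVER_A = ["13.95.16.245"]
ANSWERS_RESOLVER_B = ["13.95.16.245", "203.0.113.10"]

if __name__ == "__main__":
    for label, answers in (("A", ANSWERS_RESOLVER_A), ("B", ANSWERS_RESOLVER_B)):
        chosen, uncovered = audit_hostname(TABLE, answers, DEFAULT_GW)
        print(f"resolver {label}: {chosen}")
        if uncovered:
            print(f"  still via default gateway: {uncovered}")
```

To use it on a real host, replace the constructed answers with the addresses the client's configured resolver actually returns for the name being tested.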