Return routes

When the firewall that protects servers receives traffic from a virtual remote interface, it does not yet know the route through which return packets should be correctly directed. 3 return routes therefore need to be created on this firewall corresponding to the three remote IPsec interfaces.

In the Return routes tab in the Configuration > Network > Routing module, click on Add and fill in the fields as follows for the WAN1 link:

  • Status: On,
  • Gateway: select (or create directly from this field) the object corresponding to the first virtual remote interface (RemoteTunWAN1 in the example).
  • Interface: select the associated local virtual IPsec interface (TunWAN1 in the example),
  • Comments: you may write a short description about the role of this route.

Click on Apply to enable this return route.

Perform the same operation to create traffic going through the WAN2 and WAN3 links using the following values:

For the WAN2 link

  • Status: On,
  • Gateway: object RemoteTunWAN2,
  • Interface: object TunWAN2.

For the WAN3 link

  • Status: On,
  • Gateway: object RemoteTunWAN3,
  • Interface: object TunWAN3.