I’ve successfully gotten it to route traffic from a particular IP address through a connected VPN:
[code]show policy
route my-route {
    rule 10 {
        set {
            table 1
        }
        source {
            address 192.168.129.5
        }
    }
}

show interfaces ethernet eth3
address 192.168.129.1/24
duplex auto
hw-id xx:xx:xx:xx:xx:xx
policy {
    route my-route
}
smp_affinity auto
speed auto

show protocols static table 1
interface-route 0.0.0.0/0 {
    next-hop-interface tun0 {
    }
}[/code]
The above does in fact route all traffic from 192.168.129.5 through the VPN tunnel.
However, I would like to still be able to get to the machine from another subnet on certain ports, specifically 22, 443, and 80.
I can add exceptions to the policy routing, but then outbound traffic for 443 and 80 will no longer go through the VPN tunnel. What I want is for it to work just like it does when it routes stuff through the WAN. With other machines in that subnet, I can get to the machines and all traffic goes through the WAN. So for this particular machine, I want all traffic to go through the VPN tunnel and to still be able to get to the machine.