How to route a VLAN over an L2TP VPN?

I’m struggling with my configuration, maybe I’m overthinking it or just missing the obvious little link in my setup.

  1. I have set up a VPN (L2TP) to a cloud VPN server. This works.
  2. I have a network of Wi-Fi APs with multiple SSIDs.
     2a) The local SSID is for internet breakout via the local ISP. This works, and I have applied various security best practices with firewall rules etc.
     2b) The other SSID is corp_vpn, so that when connected to this SSID, the user sends all traffic via the VPN only.
  3. To separate the corp_vpn SSID from the other local traffic on the APs, I assigned SSID corp_vpn to VLAN100. The VLAN appears to be working.

My problem is that I cannot get the VLAN traffic to route into the VPN. What makes it so difficult to debug is that, under certain conditions, it appears that a default route is taken and the VLAN traffic actually breaks out on the local internet again. So I really have two issues: I don’t know how to debug this, and secondly I have tried so many different things that my config is probably nothing short of scrambled eggs by now.

I attached a basic diagram. What would you recommend as the correct way to set it up so that all traffic from VLAN100 goes through the VPN only?
Thanks in advance.
Attachment: VLANoverVPN.jpg
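As an added illustration (not part of the original post or its attachment), this is how the routing the question asks for would look on a Linux router: a dedicated routing table for the VLAN100 subnet whose only default is the L2TP tunnel, plus an unreachable fallback so that when the tunnel is down the traffic is dropped instead of silently falling through to the main table's ISP default route, which is exactly the leak described above. The interface names (eth1.100 for the VLAN, ppp0 for the L2TP session), the subnet 192.168.100.0/24 and table number 100 are assumptions for illustration; the script prints the commands by default (DRY_RUN=1) so they can be reviewed before being applied.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed topology:
#   eth1.100  - VLAN100 sub-interface carrying the corp_vpn SSID (192.168.100.0/24)
#   ppp0      - the L2TP tunnel interface created by pppd
#   main table holds the ISP default route (local SSID breakout)
# All names, addresses and the table number are assumptions.
set -eu

VLAN_IF="${VLAN_IF:-eth1.100}"
VLAN_NET="${VLAN_NET:-192.168.100.0/24}"
VPN_IF="${VPN_IF:-ppp0}"
TABLE_ID="${TABLE_ID:-100}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands, 0 = execute them (needs root)

run() {
  if [ "$DRY_RUN" = "1" ]; then
    echo "$*"
  else
    "$@"
  fi
}

# Policy routing for VLAN100: sources in VLAN_NET consult table TABLE_ID before
# the main table. The table has only the tunnel as its default route; a second,
# lower-priority "unreachable" default makes it fail closed when ppp0 goes away
# (the kernel drops routes of a vanished interface, leaving the unreachable one).
vlan_vpn_routing() {
  # Local VLAN subnet stays reachable inside the table (gateway, DHCP, DNS on the router)
  run ip route replace "$VLAN_NET" dev "$VLAN_IF" table "$TABLE_ID"
  # Preferred default: everything out through the L2TP tunnel
  run ip route replace default dev "$VPN_IF" table "$TABLE_ID" metric 10
  # Fail-closed fallback: never fall through to the main table's ISP default
  run ip route replace unreachable default table "$TABLE_ID" metric 1000
  # Rule that sends VLAN100 sources to the dedicated table
  run ip rule add from "$VLAN_NET" lookup "$TABLE_ID" priority 1000
  # Belt and braces in the firewall: VLAN100 may only be forwarded into the tunnel
  run iptables -A FORWARD -i "$VLAN_IF" -o "$VPN_IF" -j ACCEPT
  run iptables -A FORWARD -i "$VLAN_IF" ! -o "$VPN_IF" -j REJECT
  run iptables -t nat -A POSTROUTING -s "$VLAN_NET" -o "$VPN_IF" -j MASQUERADE
}

# Debug helper: ask the kernel which route a VLAN100 client's packet would take.
# Usage: show_route_for <destination> [<vlan client address>]
show_route_for() {
  run ip route get "$1" from "${2:-192.168.100.10}" iif "$VLAN_IF"
}

vlan_vpn_routing
```

To verify the setup on a live router, `ip rule show` should list the `from 192.168.100.0/24 lookup 100` rule, `ip route show table 100` should show only the ppp0 default and the unreachable fallback, and `show_route_for 8.8.8.8` must report `dev ppp0` (or `RTNETLINK answers: Network is unreachable` while the tunnel is down), never the ISP interface. The same policy is needed for IPv6 if the VLAN carries it, and DNS for VLAN100 clients should point at a resolver reached through the tunnel, otherwise lookups still leak to the local ISP.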