Here's a schema of what i want.
(I've contacted support but they sent me a documentation that i've already used but don't talking about Internet Browsing.
Actually, my spokes can talk each other and can join the hub.
Internet browsing pass through these spokes.
I want to pass Internet Traffic through hub (blue line in schema).
My IPsec hub and spoke is route based.
Here's my configs.
If i change default route on spoke, i can't join hub and i loose contact with spoke.
You told me : "but dont forget the put a static route to the VPN IP of the hub to the ISP gateway else you loose your connection".
I have to put a static route ON the HUB to the ISP gateway of the SPOKE?
You also said : "your phase2 will have to contain the 0.0.0.0/0 as destination as you will have to encrypt all addresses."
This on phase 2 of the SPOKE ipsec?
Another question, policy route can help?
Thank you very much.
post edited by waaalex - 2020/10/15 01:36:04