What
is the encryption domain? The encryption domain should include all
subnets. And do the internal networks have Internet links? If so, IP pools
and a route on internal routers would be required, or additional VPN sites for
other Internet access points.
Daniel
Gaughan
Probably a stupid question but can anyone help
with this?
Secure Remote Client
|
|
Internet
|
|
Firewall-1/VPN-1
|
|
Subnet 1* | | Subnet 2 |
Subnet 3 ...
* Internal Interface on
Firewall is part of Subnet 1
Firewall itself can reach any subnet,
internal clients can reach any subnet.
VPN client can get to
subnet 1 but is not able to reach any other subnet, appears as though
the client does not know that those subnets reside behind the firewall,
ideas?
|