Hello,
I have a question regarding multiple encryption domains.
I read the note on the PhoneBoy site ("Creating Multiple Encryption Domains"), which says you cannot create multiple encryption domains for the same firewall, but you can create your rules in such a way as to get that effect.
I was just looking for some clarification on this -
If my firewall object's definition says that its encryption domain is, say, NetworkA, then will encryption rules that specify another network, say NetworkB, still work?
I have two remote sites that I need to provide VPN access with, but to two different internal networks of mine.
One remote site is already set up and working. I have encryption rules between that site and my NetworkA.
Another remote site I now want to set up with access to NetworkB. If I add encryption rules between their site and my NetworkB, how does NetworkB get associated with my firewall object? That is, how do the rules determine which firewall object is protecting NetworkB?
Could I (but only if I needed to) create another internal firewall object with the same IP as my original firewall object, and specify its encryption domain as NetworkB?
Please advise.
Thank you,
Elaine