Hello,
I have a question regarding multiple encryption domains.
I read the note on the Phone boy site ("Creating Multiple Encryption Domains"), that says you cannot create multiple encryption domains for the same firewall, but you can create your rules in such a way to get that effect.
I was just looking for some clarification on this -
If my firewall object's definition says that its encryption domain is, say, NetworkA, then will encryption rules that specify another network, say, NetworkB, still work?
I have two remote sites that I need to provide VPN access with, but to two different internal networks of mine.
One remote site is already set up and working. I have encryption rules between that site and my NetworkA.
Another remote site I now want to set up with access to NetworkB. If I add encryption rules between their site and my NetworkB, how does NetworkB get associated with my firewall object? That is, how do the rules determine which firewall object is protecting NetworkB?
Could I (but only if I needed to) create another internal firewall object with the same IP as my original firewall object, and specify its encryption domain as NetworkB?
Please advise.
Thank you,
Elaine