Wednesday, July 3, 2019

BOVPN Hub and Spoke Network WatchGuard

Hello,

Apologies in advance if this seems like a rather simple question; I am not as familiar with WatchGuard systems as I would like to be.

I recently took over the network administration at a company with a hub and spoke network with two hubs (M200s) and around 10 spoke sites running T50s.

Looking at the BOVPN tunnel topology, it appears as if the entire network is built on a point-to-point basis as opposed to hub and spoke. Should I need tunnels on each individual site that point to every other site if the hub is in place?

For example, we have 192.1.1.1 as our hub, which has a two-way tunnel to 192.1.2.1 and 192.1.3.1.

Both 192.1.2.1 and 192.1.3.1 have the same two-way tunnel to 192.1.1.1, and a forest trust is active between all sites as proof of connectivity to the hub; however, in order to direct traffic between 192.1.2.1 and 192.1.3.1 there needs to be a BOVPN tunnel in place between the two on each side.

We have a limited number of licences for tunnels so I am wondering if anyone could shed any light on this situation and if a more tunnel-efficient solution will be possible?

Many thanks in advance.


