I have never stood up a side-to-side VPN before, and my org does not have any yet. Vendor sends a VPN form. I understand everything on it except encryption domain. Their side is supplying two public IPs, my side only said it needed to be registered host/subnet.
My recollection from a previous life was that an encryption domain was the subnets the VPN needed to access. If I use PAT, this will pose a problem if there is inbound traffic, wont it? And I dont think I'm supposed to be assigning our public IPs to this...
I know this is supposed to be simple, google searches have examples without context so that wasnt helpful. Hoping someone can tell me what a best practice setup looks like....
No comments:
Post a Comment