 Re: Check Point VPN design
This is a typical design for an enterprise.
The reason that most companies go with VPN Concentrator for remote access
and IOS routers for L2L VPN is because the flexibilities with IOS routers and
VPN concentrators to be able to do GRE/IPSec and dynamic routing protocols
within the IPSec tunnel. NAT on checkpoint is the best because it is
so flexible.
Just abpit every place I work uses this design. |