Site to Multi-Site VPN Design
Posted on 2006-07-12
Hi, I'm trying to reorganize our company's VPN structure and I need some smarter ways to do some things.
We have 1 Windows 2000 domain.
We have a corporate site with a PIX 515.
We have 18 remote sites with various speed internet DSLs with PIX 506s.
Each remote site has a DC and there are 2 DCs at Corp.
Most services are at Corp: Exchange, financial programs, etc.
All of the remote sites need to access their own internet as well as the VPN.
Currently all the sites have VPNs pointing to the Corp PIX.
So when a server (DC) wants to replicate with another, it can only replicate to the corporate DCs and not any others. The main part of my question is that I want to change this so that all DCs can replicate to each other, but not allow any client PCs in the sites to see other sites. How can I accomplish this with the least amount of headache and administration? I do not need basic step-by-step PIX configs, mainly just a smart layout and any tricky command spots. Thanks in advance.