We are changing to a private MPLS solution where several remote sites will be connected back into an HQ site. These remote sites will need the ability to web browse via the Main sites secured internet connection.
The proposed solution is to drop in an MPLS utilising Juniper SRX110 (3rd party supplied), these will all terminate to another single SRX110 at the main site.
I have been told that i will need some for of NAT translator in order to allow the remote clients to browse the internet, is this correct? if so where would it be placed? Also any recommendations on this, perhaps an ASA5510?
I have attached a very basic layout of what i believe it should look like, please feel free to comment.
Once again your assistance with this is appreciated.