VPN with B2B DMZ

This site-to-site VPN terminates the tunnel at the outer firewall of a back-to-back DMZ.
This one is not my favorite, but some want to keep the B2B DMZ and terminate the tunnel at the outer firewall. The key to this design is running the inner firewall in routed mode with NAT disabled. This allows the destination resource to be contacted by its true IP address during the connection attempt.
