The situation:
I have two sites (A and B) that I link using 2 SSG5s over a 1mb/s link.
Both sites have different subnets.
I have a number of users that from time to time are required to connect to the network via VPN. I am not happy with our current solution and am looking to get the remote users to connect using the NS remote client.
The users will be running VoIP softclients, email, and require access to shared drives AT BOTH EXISTING SITES.
All clients will connect to site A.
I have read through the examples but I am really not sure where to start. From my way of thinking, I need to have my remote clients in a third subnet configured in SSG5-A that can then be routed from site B to a tunnel interface; from there the SSG5 can sort out which client it goes to.
Site B 10.0.1.X <---> Site A 10.0.0.X <---> VPN clients 10.0.2.X
When someone is connected I want them to be for all intents and purposes on a different subnet on the company LAN.
Site A has, among others, 3 Zones that I think will be needed: Internet, Trust and Link (contains the tunnel interface for reaching site B).
Should I be creating another Zone (VPN clients) and sticking a tunnel interface in there? (I like being able to see everything.)
Am I thinking straight? Can someone point me in the right direction?
Thanks!