On 6/12/06, Andrew Cotter <andrew dot cotter at somersetcapital dot com> wrote:
> As they are mostly home offices, our remote staff tend to want to use their
> internet connections for personal computers as well. With the third (OPT1)
> interface, could we have their personal network or computer routed to the
> internet and not over the IPSEC VPN tunnel into our network?
> Internet <----> WAN <--> OPT1 <---> personal desktops
Yes, that would work fine. Though if you need to push all the data
over IPsec, it may or may not work. In the past, people claim to
have gotten it working without any issue. More recently, people have
reported problems trying to do it exactly the same way (supposedly).
Whether or not that's user error is yet to be determined. But if you
just want to push data going to your network over the VPN, and let
Internet traffic out locally, that will work fine. I would make sure
you get static public IP's if at all possible. It's a lot easier to
deal with and more stable no matter what VPN equipment you're using.
Other than that possibility, I don't see any issues with it.