TNSR Remote Office With Existing IPsec Hub¶
In this example, remote offices with a Netgate SG-5100 running TNSR will be configured for site-to-site VPN to an existing IPsec Head-End at a central headquarters location.
Workers at remote offices will need Direct Internet Access (DIA) and corporate intranet access from their location using IPSec IKEv2 with Pre-Shared Key and secured crypto methods (AES128/SHA1/DH2048). Direct Internet Access also needs to be made available to a guest network through distinct VLANs so that guest and staff devices can be isolated.
The TNSR Remote Office Deployment will be completed in the following high level steps: