Hi all Pros,
I am looking for best practices for routing between DMZs and a configuration sample. In the attached diagram, I have all my VPN routers (site-2-site and remote access) in their own DMZ. Now, all the customers connected through the VPN can access the corporate network at, for example, 10.10.0.0/16, but can't access my DMZs yet! The plan was that customers will only use 192.168.9/24 to connect to the VPN. Once connected, all the traffic will go through 192.168.6.0/24 (at the moment they can connect to the corporate network with this setup).
1. To get routing working for dmz200, 300.. I am thinking of hairpinning (sending traffic back to the same interface) traffic for these DMZs and setting an ACL to permit traffic from vpn-dmz.
Any comments and suggestions are more than welcome,
Thanks in advance,
Jean Paul