As shown in the figure, Department A of Branch 1 can access the Internet, and Department B can access headquarters resources only through the encrypted VPN. You can configure a NAT policy on the egress device in Branch 1 to allow Department A to still access the Internet, and configure an IPsec VPN (ESP protocol) in tunnel mode for Department B to allow Department B to access the headquarters.
Currently there are no comments in this discussion, be the first to comment!