There are 2 sites: Location A & Location B.
(Location B is shown as a small rectangle in the bottom left corner & the rest are all part of Loc A.)
If an SSL-based VPN is to be done at Loc A, users coming in from the internet would come through the internet router and to the SSL firewall with public IP 126.96.36.199.
Users will be given the 192.168.2.0/24 IP pool address for VPN.
There is another firewall which connects to the internal LAN. The connection between these zones is through a connecting zone (IPs as given in the diagram).
Now the requirement is that any user connecting via this VPN should be able to access certain services at Loc B (includes ICMP, SSH, traceroute) along with other servers.
Please help me understand what to configure on both the VPN firewall & the internal firewall to enable this access.
It would help me if some sample firewall rules (NAT, ACL) can be given based on the given situation.