Hi all,
I'll start by saying what I've currently got set up.
We currently have an SA 520 set up in a control center with 3 remote VPNs set up to external networks so that a database in the control center can share data with the databases on the 3 external networks.
We also need remote access for engineers to be able to work on devices at the control center, so I followed the instructions in the "Configuring a Cisco SA 500 to Accept a VPN Connection from a Shrew Soft VPN Client" document by Cisco from here: http://www.ciscosystems.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/technote/note/SA500_sshrew_technote.pdf
This works great and we can now access the network from any external source (if they have a username and password) using the Shrew remote VPN.
The query I have is: what would happen if someone tried to access the network via remote VPN when they are on a subnet the same as one of the subnets currently used by one of the 3 external networks? Would this cause problems, and if so, how can I block those subnets from being used by people using the remote VPN?
The internal network at the control center is 192.168.106.0/24 and 1 of the external sites that the VPN has a link to is 192.168.100.0/24. So basically, what would happen if I was sat at home on a laptop configured as 192.168.100.4, for example, and tried to remote VPN to the internal network? Would it fail, or would it interfere/clash with the current VPN (this is the one thing I must prevent), and if so, how can I prevent it?
Any help with this would be great, folks, and much appreciated.
James