We have the following requirement:
SMS --- HQ-Cluster --- <<S2S VPN / INET>> --- SITE-Cluster -- SITE-DC-Cluster
How can I establish SIC between the SMS and the SITE-DC-Cluster?
My prefered option would be to manage the SITE-DC-Cluster through the VPN Tunnel using the private IPs of SMS and SITE-DC-Cluster-Members. Unfortunately Control Traffic does not go through the VPN Tunnel.
Is there a possibility to exclude only control traffic to specific gateways from Implied Rules?
We also have enough Public IPs on the Remote Site available if someone has an idea how to manage the SITE-DC-Clusters via static NAT on the SITE-Cluster.
tia, Bernhard