Hi everyone. I'm trying to set up routing from a branch office to AWS via another office. I've read up on Domain Based VPN and I have some questions about it. All of our gateways are in a meshed community. On the CP article it mentions that the 'accept all encrypted traffic' box should be set within the community settings (we have it unticked).
Is this going to break VPN tunnels between all of our offices if I do this? I understand that I need to edit the vpn_routing.conf file on the security management server and then install policy on the relevant gateway.
I have also read from other sources that the subnet in AWS will have to be added to the VPN domain of the gateway that the branch gateway forwards the traffic to/receives from. Is this correct?
Finally, if I only make the change to the conf file on the SMS, how likely is it that something will go wrong? I've not done this before so I don't want to bring everything crashing down!