We have a couple of remote branch offices which consist of 1500 series SMB (centrally or locally managed) and a Cluster of CP at our HQ.
All of the remote branch offices connect to the HQ via a Star Topology S2S VPN.
We want our remote branch office users to be able to connect via client vpn (capsule,ENS) towards the HQ besides the S2S VPN
which is something we cannot accomplish at the moment
I suppose we can't connect due to the fact that the HQs public IP belongs to the encryption domain which is something that i want to exclude.
I know also that this can be accomplished via crypt.def. but no matter how hard i tried i cannot do it.
Has anyone done something similar and wants to share a template or an excerpt from crypt.def so that I can see what am I doing wrong ?