We have a site-to-site IPsec tunnel between 2 locations, i.e. Location A and Location B.
Our requirement is that if remote access users connect to the TMG at Location A, they should be able to access resources behind Location B.
The problem is that I can't specify the local network as the pool range for remote access users and the destination networks as Location B in the crypto access-list in Phase 2.
The TMG sends a random subnet in the mode configuration packet for the local and remote ident whenever the client connects. Is it possible to have a subnet for the address range of the remote access clients sent at once, so that whenever a remote access client connects, they are able to access Location B?
Also, is it possible to have a route-based VPN on TMG?
Any help would be appreciated!
Regards,
Mitesh