Hello,I have set up a Site-to-Site VPN between two sites in my domain.
Reading about it, one of the things I see in all the tutorial is about creating a rule like this one (on each of the two TMG machines):
TMG in the Main Office:
Allow all outbound traffic from: Internal / BranchOffice , to: Internal /BranchOffice
TMG in the BranOffice:
Allow all outbound traffic from: Internal / MainOffice , to: Internal /MainOffice.
All works fine but I don't understand why the machines in each lan have to reach the machines in the remote lan.
Would it not be more secure to allow only specific traffic? What if a virus reaches any pc in one of the lan, and goes to the other lan in the remote office?.
Thanks in advance!Luis Olías Técnico/Admon Sistemas . Sevilla (España - Spain)