Reading the deployment and configuration guides, its recommended to deploy One-Armed VPN concentrator model for Hub site. What are the disadvantages if we deploy the MX in Routed Mode connected to Internet for a Hub location and to terminate VPNs ? I reckon there will be security issues as we expose it to internet but can't we use F/W rules to restrict traffic? I am thinking below topology, is this a definite No for Hub sites ?
... View more
