See attached. Trying to determine if this would be a supported configuration. No local internet at remote sites. Client would like branch to branch encryption and w/ auto VPN we could failover between primary and backup hubs. I've not been able to find any documentation on how MX handles non-internet links connected to WAN interfaces at the HUB. Can we just enable No NAT across all the non-internet links and create inbound allow rules? Would the MX even try to establish VPN's on the non-internet connected link?
... View more
