@merakichampThank you for that info. I have a follow up question though. In MX's documentation it is written : "When using an MX as a site-to-site VPN peer, it will only be able to send client traffic over the VPN tunnel if that traffic has been directed to it. As such, a router or L3 switch on the network will need to have static routes configured, such that VPN-bound traffic is sent to the MX. This traffic will then be encrypted and sent through the site-to-site VPN tunnel. Traffic bound to the Internet or other destinations will simply pass through the appliance:" Let's say that I have that kind of topology Internet -Edge FW - DMZ - MX L2/VPN concentrator - Router - LAN if I have a layer 3 functionality to ensure routing, if I set the MX in passthrough mode, is it possible for it to deal with S2S VPN, Client VPN AND to still pass all internet traffic (incoming and outgoing) through the MX using filtrering, IPS and AMP functionalities ? if it's not clear, i can ce more specific. thanks for your help. FrederiqueC
... View more