Typically you would place the MX in one-armed concentrator mode within the DC. This is the preferred method for devices terminating VPN tunnels from your Branch sites. From your branch sites you can then either use Full or Split tunnel mode depending on your traffic requirements and where you wish to send your traffic.
... View more
