MAX Transit VPN in existing network


I am looking for thoughts on the best configuration that would allow us to place MAX TRANSIT DUOs inside a customers existing network for the purpose of remote access.

  • Site 2 is HQ, with site-to-site connections to branch office 3,4,5…

  • As SITE 1 (client) cannot be accessed through its primary firewall, a MAX TRANSIT DUO will be installed with a trunk to all VLANs. The gateways of the devices being accessed remotely will not be pointing to the MAX.

  • SITE 1 should not be able to access SITE 2 or SITE 3.

  • SITE 2 and SITE 3 etc should be able to access all of the networks at SITE 1.

Thank you.