I think I'll update my setting to use that,
- For the master controller, I have VPN pool: 172.16.10.0/24
- The local controller I have VPN pool: 172.16.20.0/24
- Firewall to nat/port forward from outside to VRRP ip address.
So under Connection profile/ VIA servers: I'll have only one entry
Hostname/IP Address:
vpn.domain.com
Internal IP Address:
10.10.xx.xx (my vrrp IP address)
with that been said, if the user is terminated in master the user will take an ip@ from 172.16.10.0
and if user is terminated in local, inner ip will be from 172.16.20.0
correct scenario?