VPN final comments
The figure below shows my home network...
You may ask why I have a home network which is larger and more sophisticated than many corporate networks but that is a question I will answer in my next article on the subject of Virtualization.
My network features all of the recommendations I have covered in this article. Note that I have chosen to have two separate networks (10.x.x.x and 192.168.1.x) rather than two separate subnets (192,168.1.x and 192.168.2.x). In a corporate environment the use of subnets makes logical sense, because then access between subnets can be controlled by Subnet Masks rather than Gateways. However, the subnet approach assumes that everything is part of the same Domain.
By using the Gateway approach I have my environment pre-disposed for connection to a network which is not part of my Domain, such as our dear Administrators network.