Company A has a firewall with NAT at the perimeter, and wishes to add a vpn device into the setup.
Q1) If they want the VPN to behind the firewall, what are the changes that need to be made on the firewall?
Q2) If the vpn is infront of the firewall, is it true that the decrypted packets (after vpn device and before reaching the firewall) can be hacked?
Thank you