I would like to place a virtual machine accessible from several branch offices via VPN. As far as I have read and tested, I can establish a site-to-site VPN keeping in mind the local IP address space (of the branch office), the public IP address (of the same branch office), and, once the configuration is done with a subnet for the gateway, we'll get the "virtual" gateway IP and preshared key (of the virtual network) to terminate this VPN on the branch office peer.
But what if I want to connect another branch office? I don't know what the "best practice" is to deploy this scenario. I have tried to add a local network and attach it to the existing virtual network, but I couldn't. As far as I have seen, you can only attach one local network per connection and, besides that, I can only support one preshared key. If so, what is the normal practice? Should I create a new VPN/VirtualGateway per branch? Then, using different Virtual Gateways, will the Virtual Machine remain routable through the different tunnels?