Two endpoints, a PIX 501 and a PIX 515, connected with IPSEC tunnel. PIX 501 uses dhcp to get its IP add and route info. Therefore, all internet traffic goes out the outside interface. I want to send internet traffic to tunnel endpoint where 505 is so that our application layer firewall can apply policies. How do I accomplish this?