I established a site-to-site tunnel (ASA 5540 here) with a remote Datacenter (Netscreen), in which I have a server with IP 192.168.1.x. I added 192.168.1.x in an exempt NAT rule, so I can establish connections to this IP (RDP, telnet, etc.) from a server in my network 10.10.10.x over the tunnel. No problem until here.
Here is the issue. The Datacenter allowed connections from my server in there (192.168.1.x) to a global IP of theirs (xxx.75.yyy.89) on port 1111. 192.168.1.x can connect to xxx.75.yyy.89 via port 1111 fine.
What I want to achieve is this: I want to reach xxx.75.yyy.89 on port 1111 from 10.10.10.x, which is at this side of the L2L tunnel.
I assume I have to setup RRAS on remote server, but how should the configuration be on ASA and tunnel?
That route should be entered on the Netscreen firewall side, as the traffic to xxx.75.yyy.89 is reachable through the Netscreen firewall. In other words, if the Netscreen does not have a route to get to yyy.89, your host behind the ASA will not hit yyy.89, and the Netscreen firewall should have the yyy.89 host in their crypto policy access list.
Who administers the Netscreen firewall side?
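The ASA-side counterpart of what the reply describes, added here as an example and not taken from either poster's configuration. It assumes pre-8.3 ASA syntax, a 10.10.10.0/24 inside network on an interface named `inside`, hypothetical ACL names `L2L_CRYPTO` and `NONAT`, and 203.0.113.89 as a stand-in for the masked host xxx.75.yyy.89.

```cisco
! Constructed example. L2L_CRYPTO and NONAT are hypothetical names for
! the ACLs already bound to the crypto map and to the NAT exemption;
! 203.0.113.89 stands in for xxx.75.yyy.89.

! --- configuration mode ---
! 1. Add the remote host to the tunnel's interesting traffic.
access-list L2L_CRYPTO extended permit ip 10.10.10.0 255.255.255.0 host 203.0.113.89

! 2. Exempt the same flow from NAT so it reaches the crypto ACL unchanged.
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 host 203.0.113.89

! --- privileged EXEC mode ---
! 3. Simulate a connection to port 1111 and check that it is sent to the VPN.
packet-tracer input inside tcp 10.10.10.10 1025 203.0.113.89 1111

! 4. After sending real traffic, look for an SA covering the new
!    local/remote pair and compare the encaps and decaps counters.
show crypto ipsec sa
```

If no SA appears for this pair, or encaps rise while decaps stay at zero, look at the Netscreen side: the mirrored policy entry and the route the reply mentions.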