i have set up a test Site to Site VPN between two locations through CISCO ASA.
I am using an extended access-list to specify the intersting traffic.
Say the access-list is
permit ip 172.16.0.0 255.255.0.0 192.168.0.0 255.255.255.0
The tunnel works well when i try to reach the 192.168.0.0 network but, what i have observed is there is no "hit" seen on this particular access-list.
The tunnel definitely is working based on this access-list but, i don't see the HITCOUNT field of the access-list updated.
Could someone through some light on this?