I have a quesiton. I want to make the users on remote sites to authenticate on the ASA when they want to surf on the web.
To accomplish this they have to go through the Central router, then through the ASA to authenticate (ASA is doing NAT too) and then back to the Central router and then to the Internet.
Right now they are using a proxy that should be disconnected soon.
I tried with route-maps, the packet came to the ASA and then back to the Central router, but then I got a loop error (debug ip policy)
Here is a picture.