Site A has ASA5520 (Core Network) and Site B has ASA5505 (Remote Site). Core ASA5520 has four interfaces, City Hall LAN, Police Department LAN, DMZ, and Outside. We currently have an IPSec tunnel from Site A to Site B that allows traffic to pass from Site B to Site A on all interfaces except for the PD Lan (due to DOJ Restrictions). It is set up in a way that when traffic originates from PD LAN it can pass, but if traffic originates on Site B it cannot pass into PD LAN. I now want to be able to add to this the ability to allow two specific IP addresses on the Site B LAN to pass into PD LAN to a server. Essentially we will have two laptops that will need to access our Computer Aided Dispatch (CAD) Server in a disaster situation. I hope this explanation was clear enough.