We'll be upgrading to an ASA soon, but I have an immediate issue I need assistance with.
We have multiple spoke sites with only DHCP addresses establishing a VPN to our VPN 3000 box (using the default group). The site-to-site VPN's work fine. However, no sites can communicate with one another.
Does anyone know how to configure spoke-to-spoke communications in this scenario? Both spokes in question encapsulate the packets and sends them to the VPN 3000. But, the VPN 3000 is not passing the data to the other spoke site.
I know that I could get a static IP at one site and then do a direct VPN between the 2, but don't want to do that if I don't have to.