I have a router with crypto map applied to an interface. This crypto map has two remote peers with the below configuration.
crypto map test 10 isakmp-ipsec
set peer 220.127.116.11
set peer 18.104.22.168
set transform-set tset
match address 101
access-list 101 permit ip 22.214.171.124 0.0.0.255 126.96.36.199 0.0.0.255
These two remote peers are two routers that are accessing the same resource which is 188.8.131.52/24.
My question has something to do with asymmetric routing. If i have a packet that comes out my vpn interface to one peer say 184.108.40.206 but goes back from 220.127.116.11, will this work? From my simulations, it doesn't. If this won't work, is there a way to allow this type of vpn traffic? I mean if i send traffic out to peer 18.104.22.168 and it comes back from 22.214.171.124 or if remote site sends out from 126.96.36.199 and i can reply back to peer 188.8.131.52 it won't cause problems.