I want to use ASA B as a forwarder between ASA A and ASA C so that intranet A is connected securely from intranet C, something likes:
intranet A <-- ASA A --> internet <-- ASA B --> internet <-- ASA C --> intranet C
because connections between A and B and between B and C are good, but connections between A and C are bad.
I just completed the IPSec settings between A and B and between B and C, but how should I tell ASA A, B, and C to work like this?
thanks a lot.
Do you have routing-entries for all remote-networks in place? Has the ASA B hairpinning enabled?
"same-security-traffic permit intra-interface"