I have got a technical query around the function of source addresses on IPSec L2L VPNs.
My customer has their ASA5512-X HA pair running 9.1(2) and existing IPSec L2L tunnels. They have various other Cisco routers and firewalls in the outside network that also perform multiple L2L tunnels to other sites. The question is: can I create/consolidate all these other L2L VPNs to the ASA5512-Xs and continue to source their L2L peer addresses for the other devices, e.g. some sort of Proxy ARP on the outside interface for these additional addresses?
Obviously I can use policy NAT to modify the source address on traffic traversing the ASA firewalls, but this is not to my knowledge going to change the actual IPSec L2L VPN source peer address, or is it?
This fix is to avoid changing the peer address with multiple customer peers.