I would greatly appreciate some help on this.
I have an ASA 5510 which is configured for 2 different sites as site-2-site hub.
Recently I needed to add a firewall into a DMZ, because the other party did not want to peer with our firewall but wanted their own hardware at our premises. Please look at the attached picture, this says more than a 1000 words for understanding ;-).
What I added to our ASA 5510 is 2 new interfaces: one called Dirty DMZ (the internet-facing one) and one named clean DMZ (the internal-facing one).
The thing I see happening is that the proposals coming from the 3rd party are being picked up by the ASA instead of forwarding them and NATing them.
How can I create a rule: if ISAKMP, NAT-T, AH, and ESP are coming from a certain IP towards the dirty DMZ, then NAT and pass through?
Help is really appreciated!