"But what I need to add is tunnel all traffic to the firewall where vpn is connected to so internet traffic goes via FW public ip."
nat (outside) 1 18.104.22.168 255.255.255.0
nat (outside) 1 22.214.171.124 255.255.255.0
The highlighted "1" in the two statements above must correspond with your outside global command, which means that if your global outside index number is 99, then your highlighted "1" must be replaced with 99.
I am sorry for the late reply. For some reason, I do not receive email alerts for any thread any longer from Cisco Support Community.
I do this as a labor of love; I hope you can understand.
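A consistency check for the ID-matching rule in the reply above, added here as an example and not code from the thread: it parses pre-8.3 style `nat`/`global` lines and reports `nat` IDs that have no `global` with the same ID. The function names and the sample configurations (including the addresses and the `NONAT` access-list name) are constructed for illustration.

```python
import re

# Matches pre-8.3 "nat (ifc) ID ..." and "global (ifc) ID ..." lines only;
# 8.3+ "nat (real,mapped) source ..." lines are deliberately not matched.
_RULE = re.compile(r"^\s*(nat|global)\s+\(([^),\s]+)\)\s+(\d+)\b")

def parse_rules(config):
    """Return (nat, glob): sets of (interface, nat_id) found in the config."""
    nat, glob = set(), set()
    for line in config.splitlines():
        m = _RULE.match(line)
        if m:
            kind, ifc, nat_id = m.group(1), m.group(2), int(m.group(3))
            (nat if kind == "nat" else glob).add((ifc, nat_id))
    return nat, glob

def unmatched_nat(config):
    """nat statements whose ID has no global statement on any interface.
    ID 0 is skipped: it marks identity NAT / NAT exemption and needs no global."""
    nat, glob = parse_rules(config)
    global_ids = {nat_id for _, nat_id in glob}
    return sorted((ifc, i) for ifc, i in nat if i != 0 and i not in global_ids)

def hairpin_ids(config, ifc="outside"):
    """IDs where nat (ifc) N has a matching global (ifc) N,
    which is the pairing the reply describes for the outside interface."""
    nat, glob = parse_rules(config)
    return sorted(i for (n_ifc, i) in nat
                  if n_ifc == ifc and i != 0 and (ifc, i) in glob)

# Constructed sample configs (addresses are placeholders, not from the thread).
GOOD = """
global (outside) 99 interface
nat (inside) 99 10.1.1.0 255.255.255.0
nat (outside) 99 10.10.10.0 255.255.255.0
nat (inside) 0 access-list NONAT
"""
# Same config, but the outside nat statement keeps index 1 instead of 99.
BAD = GOOD.replace("nat (outside) 99", "nat (outside) 1")

if __name__ == "__main__":
    for name, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, "unmatched:", unmatched_nat(cfg),
              "outside pairs:", hairpin_ids(cfg))
```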