Routing between 2 VLANs ASA 5505 with site-to-site VPN already configured
I inherited an ASA 5505 which is already connecting to the Internet. There is also a sit-to-site VPN up and running between me and another ASA 5505 in the UK.
I need to connect my current inside network to another internal network on a different subnet. I've tried different suggestions that I've come across in the forums but none have worked. I may very well be doing something wrong but I have to wonder if the site-to-site VPN is somehow making my configuration requirements more complex then if it wasn't configured?
My OUTSIDE interface connect to a cable modem.
My INSIDE interface connects to a network of 192.168.2.0/24
My IPC_PHONE interface connects to a network of 192.168.4.0/27
I have security plus license.
All I really need is to hit one specific machine ( 192.168.4.8 ) on the IPC_PHONE network from my INSIDE network.
My understanding is that I need NAT rules but nothing I've tried seems to work.
I'm new at this and use ASDM for config although the CLI would be fine if I needed to use that.
I'm attaching the current router config - there are entries I know I no longer need that were prior to configuring the local VPN access I just haven't removed them yet. I don't think they should affect my problem though.
I have tried over and over with advice from these forums and can't seem to make any headway.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...