The peer address to use is the IP address of the interface that has the crypto map on it, the IP address that is accessible over the Internet.
You'll need a route on both devices pointing to the inside subnet of the other device. If you simply have a default gateway then that should be enough, but if you have another route that would normally point this out some other interface, then yes, add in a specific static route pointing to the remote subnet.
Are you sure your tunnel is coming up properly? If you check on the 3005 under Monitoring - Sessions, do you see the tunnel built there. If not, you need to get the tunnel built properly before you'll be able to ping.
Just imagine you have a VPN Tunnel in a hub and spoke topology:
Router A --------- Internet | -------- Router B
| -------- Router C
In this case, Router A has tunnel both to Router B and Router C. After checking the match address and encrypting the packet, Router A now needs to know which Peer it has to send the encrypted packet and this is where the peer address is used.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...