Yes, permit access to 10.200.0.0 255.255.0.0 for the VPN-tunnel-to-peer-pix acl, and also add it to whatever acl you are using for nat0. Make sure that the devices on the 10.200.0.0 network know the way back.
It shows the route to the router. But I solved this case by deleting the route and letting the hosts use the router as the default gw. But it would be fun to know if it's possible to do it like I described.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...