I have two ASA5520's in two locations in my network for Remote Access IPSEC VPN. These locations are connected to our enterprise frame-relay network and each location also has an internet connection.
I have also set up a point-to-point IPSEC tunnel between the two ASA5520's running over the internet. This tunnel is used to replicate data between two specific subnets at each location.
Everything is working fine except that when my remote access users log in and then try to access the replication subnet at the other location, the ASA will try to route the packets out through the internet.
I have a 0.0.0.0 Tunnel route pointing inside the network, which I thought would route all traffic from a remote access user to inside the network, but this doesn't seem to be the case.