I'm having some issues trying to get the Site 3: VPN Client to be able to ping to the Site 2: Server. I have Just built the tunnel from Site1 to Site 2 and now have traffic flowing great from Site 1 to Site 2. Site 3 clients can get to Site 1 clients with no issues at all. But Site 3 clients can NOT get to Site 2 clients at all.
I'm guessing it has something to do with coming in on the outside (int 0) and then going back out the outside (int 0) interface. I have enabled/used the following lines but I still can not get it to work.
1) same-security-traffic permit intra-interface (on the Site 1 ASA only)
2) I have my NAT exempt rules in places for both Site 1 and Site 2. Site 2 is using IOS 8.2(1) and Site 1 is using the newer IOS 8.4(2). So the Site 1 ASA is using the route-lookup switch to simulate the EXEMPT.
Any ideas why it would not be working for me?
