i have two 5505 ASAs connecting back to a central 5520 ASA via the easy vpn remote option. Each of the 5505s are on their own networks. How do i get network connectivity between the two remote sites? Thanks in advance.
you can accomplish connectivity to both remote sites via the central 5520 asa simply by tailoring your nonat exempt rules pertaining to your l2l asa tunnels at both spokes asa's and add same-security-traffic permit intra-interface at central asa 5520.
Yes it does also applies to remote access VPN tunnels..
you should note,however, if a spoke site is dynamic towards the HUB asa5520 obiously that dynamic spoke must bring the tunnel up first in order for other spokes to have access among themselves via HUB including the dynamically public address assigned spoke.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...