On an ASA, version 8.2(x), for a given VPN tunnel setup with a peer of a.b.c.d, and the interesting traffic defined as source s.t.u.v and destination w.x.y.z (and the w.x.y.z address(es) does NOT include the peer address), if host s.t.u.v tries to access the peer IP, will the traffic go across the tunnel or not?
My guess is that it will not because the peer IP address has not been explicitly defined as 'interesting' traffic to go across the tunnel. Is this correct?
Did you mean to say that I am correct because the peer address (a.b.c.d) is not part of the interesting traffic? That is, traffic from s.t.u.v to a.b.c.d will not go across the tunnel because even though the source (s.t.u.v) is a 'potential' source for interesting traffic, the peer address (a.b.c.d) is not a 'potential' destination for interesting traffic.
Below is the example setup:
access-list VPN-ACL extended permit ip s.t.u.v w.x.y.z
crypto map map-outside 10 match address VPN-ACL
crypto map map-outside 10 set peer a.b.c.d
crypto map map-outside 10 set transform-set EXP-3DES-SHA
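The selection logic being asked about, as an added example that is not part of the original post: a simplified Python model of how a crypto ACL picks traffic for the tunnel, so that a packet is protected only when both source and destination match a permit entry, and the "set peer" address plays no part in that decision. The addresses are constructed stand-ins for the post's placeholders, and the model assumes IP-only entries with no NAT or port matching.

```python
import ipaddress

# Constructed sample values standing in for the post's placeholders.
PEER = "203.0.113.1"                                  # a.b.c.d (tunnel endpoint)
CRYPTO_ACL = [                                        # VPN-ACL
    ("permit", "10.1.1.10/32", "192.168.50.0/24"),    # s.t.u.v -> w.x.y.z
]


def acl_action(acl, src, dst):
    """Evaluate entries top-down, first match wins, implicit deny at the end."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if (src_ip in ipaddress.ip_network(src_net)
                and dst_ip in ipaddress.ip_network(dst_net)):
            return action
    return "deny"


def is_tunneled(acl, src, dst):
    """True when the packet is 'interesting' traffic for this crypto map entry."""
    return acl_action(acl, src, dst) == "permit"


def peer_covered(acl, peer):
    """Audit helper: does any permit entry list the peer as a protected destination?"""
    peer_ip = ipaddress.ip_address(peer)
    return any(action == "permit" and peer_ip in ipaddress.ip_network(dst_net)
               for action, _src_net, dst_net in acl)


if __name__ == "__main__":
    # Host to a protected destination: selected for the tunnel.
    print("to w.x.y.z :", is_tunneled(CRYPTO_ACL, "10.1.1.10", "192.168.50.7"))
    # Same host to the peer address itself: not selected by the crypto ACL.
    print("to peer    :", is_tunneled(CRYPTO_ACL, "10.1.1.10", PEER))
    print("peer in ACL:", peer_covered(CRYPTO_ACL, PEER))
```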
We have configured the outside and inside interfaces with official IPv6 addresses and set a default route on the outside interface to our router. We have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...