I have two sites and I need to create an S2S between them. The problem is:
Site A is the HQ, which has MPLS connections and routes OSPF over to other branches, so its encryption domain is the whole 192.168.x.x/16 network.
Site B is the branch that will need to access HQ and other branch resources by S2S with the HQ, and its local networks are 192.168.20.0/24 through 192.168.24.0/24, meaning they fall under the general ACL for the HQ. The HQ has no 192.168.20-24/24 subnets on its side, as those are reserved for site B.
My question is...
Can I use the general ACL for site A to include 192.168.x.x/16 and 192.168.20-24.0/24 on site B to build a properly working tunnel that will allow site B to reach all other branches connected to site A (HQ) (see example below)?