VPN NAT to Remote site issue

HuskerRed5
Level 1

Hey everyone,

I am experiencing an issue where some of the devices at a remote site have a different default gateway than the firewall (at the remote site). This prevents pings from the local network to those remote site devices. Does anyone have any suggestions for changes to the remote firewall that could resolve this issue?

thanks


The changes don't have to be done on the VPN-firewall. There are two simple ways (and one better but more complex way) to solve that:

1) On the DG of the remote site, add a dedicated route to your local network pointing to the LAN-address of the remote firewall.
2) Add static routes on the end-devices that have a default-gateway that is not the ASA.
3) Connect your users to a L3-switch. There you have transfer-links to the original DG and the firewall. Now the L3-switch handles all routing (dedicated route to the VPN-gateway and default-route to the actual gateway).

And for completeness (but the worst way to do that), also a configuration that is done on the firewall:
NAT the traffic that leaves the VPN to a local LAN address on the remote site. With that the remote PCs see all VPN traffic as local and don't use the DG.


Sent from Cisco Technical Support iPad App
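To make options 1 and 3 from the reply above concrete, here is an added Cisco IOS example; it is not from the original thread, and every address, VLAN and interface name in it is assumed: the local (hub) network reached through the VPN is 10.10.0.0/24, the remote user LAN is 192.168.50.0/24, the ASA is the VPN firewall and the existing default gateway is a separate Internet router.

```cisco
! ---- Option 1: flat LAN, PCs keep the Internet router as gateway ----
! Assumed addressing (constructed): remote LAN 192.168.50.0/24,
! ASA inside = 192.168.50.1, existing gateway router = 192.168.50.254,
! hub network reached through the VPN = 10.10.0.0/24.
! On the existing gateway router: hand hub-bound traffic to the ASA.
ip route 10.10.0.0 255.255.255.0 192.168.50.1
! Replies now flow PC -> router -> ASA -> tunnel. The router will send
! ICMP redirects to the PCs for this prefix; that is expected here.

! ---- Option 3: users behind a Layer 3 switch with two transit links ----
! Assumed addressing (constructed): user VLAN 50 = 192.168.50.0/24, the
! switch SVI .1 is the only default gateway the PCs know about;
! transit to the ASA = 172.16.1.0/30 (switch .1, ASA inside .2);
! transit to the Internet router = 172.16.2.0/30 (switch .1, router .2).
ip routing
!
interface Vlan50
 description Users
 ip address 192.168.50.1 255.255.255.0
!
interface GigabitEthernet1/0/1
 description Transit to ASA inside
 no switchport
 ip address 172.16.1.1 255.255.255.252
!
interface GigabitEthernet1/0/2
 description Transit to Internet router
 no switchport
 ip address 172.16.2.1 255.255.255.252
!
! Dedicated route for the hub network via the ASA (VPN gateway),
! everything else via the original Internet gateway.
ip route 10.10.0.0 255.255.255.0 172.16.1.2
ip route 0.0.0.0 0.0.0.0 172.16.2.2
!
! The ASA and the router each need a return route to the user VLAN:
!   ASA:    route inside 192.168.50.0 255.255.255.0 172.16.1.1
!   router: ip route 192.168.50.0 255.255.255.0 172.16.2.1
! and the ASA's crypto ACL / NAT exemption must still cover 192.168.50.0/24.
```

With either option the PCs keep a single default gateway and no NAT is needed on the ASA, so the remote hosts still see the real source addresses of the hub network in their logs.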

Thanks for the reply

One last question: when you say to "NAT the traffic that leaves the VPN to a local LAN address on the remote site", would that be on the remote firewall or the local firewall?

That has to be done on the remote firewall. But before thinking about that, try the other solutions!

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

I don't think I could do the others, but I will try.

If I end up having to NAT the traffic on the remote site does anyone have an example of the configuration?

The needed configuration would be highly dependent on your ASA-version, the config you are running and what exactly you want to achieve. Perhaps it's best to open a new thread for that if you can't fix it by other solutions.
