Hi I have a question about the logic an ASA takes regarding default routes, and tunnled default routes.
But first some background information.
There is an ASA terminating site to site VPN's. The remote sites have various addresses in the 10.0.0.0/8 space, same thing for the main campus network. We want to tunnel all traffic over the VPN tunnel back to the main network (for monitoring etc...). So I do not want traffic with a destination on the internet to hairpin right back out the outside interface after being encrypted (it will not be subject to monitoring).
So I would like to put a tunnled default route in that points to our main core/internet firewall(s). I'm wondering if I do something like this,
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...