Question : Cisco ASA-Routing traffic to particular subnets over IPSEC tunnel when traffic is not originated on the ASA.

We have a perimeter FW that has a VPN tunnel to another Data Centre via a WAN connection. We also have a firewall behind the perimeter FW for a variety of reasons (mostly to do with perceived security requirements). Even though there is a tunnel between Site A and Site B, when there is traffic coming from behind the 'inside' FW that is destined for Site B, it doesn't transit the tunnel; it just gets routed like you would expect. The question is: is it possible to route that traffic over the tunnel?

Answer : Cisco ASA-Routing traffic to particular subnets over IPSEC tunnel when traffic is not originated on the ASA.


Suppose your network is like below:

Local LAN ---------- Inside FW ---------------- Outside FW --- VPN tunnel --- Other-side FW
192.168.1.0/24                  172.16.10.0/24

There are two things you can do:

1) You can configure your inside firewall to do NAT for all local networks that want to communicate with the remote site, and your outside firewall has to allow the necessary traffic for encryption.
For example: 192.168.1.0/24 will be NATed to 172.16.10.0/24, and on your outside firewall you have to encrypt only traffic from 172.16.10.0/24.

2) Disable NAT for the encryption traffic. Then your outside firewall and the remote VPN device have to allow the local LAN network in the encryption traffic.
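The second option in concrete form, as an added configuration example that is not part of the original answer. It assumes both firewalls are ASAs running 8.4+ NAT syntax, that the outside FW's interface toward the inside FW is named "inside" and the inside FW's transit address is 172.16.10.2, that the Site B LAN is 10.10.0.0/16 and the Site B peer is 203.0.113.1, and that the crypto map, transform set and tunnel-group for the existing tunnel are already in place (only the crypto ACL gains an entry). All object, ACL and interface names are illustrative.

```cisco
! ===== Outside (perimeter) ASA, assumed 8.4+ syntax =====
object network LOCAL_LAN
 subnet 192.168.1.0 255.255.255.0
object network TRANSIT_NET
 subnet 172.16.10.0 255.255.255.0
object network SITE_B_LAN
 subnet 10.10.0.0 255.255.0.0

! The perimeter FW is not directly connected to 192.168.1.0/24, so it needs
! a route pointing at the inside FW for the decrypted Site B -> LAN traffic.
! (172.16.10.2 is the assumed address of the inside FW.)
route inside 192.168.1.0 255.255.255.0 172.16.10.2 1

! Identity (twice) NAT: LAN-to-Site-B traffic keeps its real source address,
! so it is matched by the crypto ACL instead of being PATed to the outside IP.
nat (inside,outside) source static LOCAL_LAN LOCAL_LAN destination static SITE_B_LAN SITE_B_LAN

! Crypto ACL (the "interesting traffic"): the transit net was already there;
! the second line is the addition that lets the inner LAN use the tunnel.
access-list SITE_B_VPN extended permit ip object TRANSIT_NET object SITE_B_LAN
access-list SITE_B_VPN extended permit ip object LOCAL_LAN object SITE_B_LAN

! Existing crypto map entry, shown for context only; nothing new is needed here
! beyond the ACL change above.
crypto map OUTSIDE_MAP 10 match address SITE_B_VPN
crypto map OUTSIDE_MAP 10 set peer 203.0.113.1
crypto map OUTSIDE_MAP 10 set ikev1 transform-set ESP-AES-SHA
crypto map OUTSIDE_MAP interface outside

! ===== Inside ASA =====
object network LOCAL_LAN
 subnet 192.168.1.0 255.255.255.0
object network SITE_B_LAN
 subnet 10.10.0.0 255.255.0.0

! Exempt Site B-bound traffic from the inside FW's normal outbound NAT so the
! packets reach the perimeter FW with 192.168.1.x as the source.
nat (inside,outside) source static LOCAL_LAN LOCAL_LAN destination static SITE_B_LAN SITE_B_LAN

! Only needed if Site B must be able to initiate connections toward the LAN;
! return traffic for LAN-initiated flows is handled by the stateful inspection.
access-list OUTSIDE_IN extended permit ip object SITE_B_LAN object LOCAL_LAN
access-group OUTSIDE_IN in interface outside
```

Two checks before declaring this working: the Site B device must mirror the new ACE (10.10.0.0/16 to 192.168.1.0/24) in its own crypto ACL and have a route for 192.168.1.0/24 toward the tunnel, otherwise IKE phase 2 fails with a proxy-identity mismatch; and on the perimeter ASA, `show crypto ipsec sa` should list a second SA pair whose local ident is 192.168.1.0/24 once traffic from the LAN has been sent. If the original outbound PAT rule sits above the identity NAT rule in the ordered NAT table, move the identity rule first, or the source address will still be translated before the crypto ACL is evaluated.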