Question : Cisco ASA-Routing traffic to particular subnets over IPSEC tunnel when traffic is not originated on the ASA.

We have a perimeter fw that has a VPN tunnel to another Data Centre via a WAN connection. We also have a firewall in behind the Perimeter FW for a variety of reasons (mostly to do with perceived security requirements). Even though there is a tunnel between Site A and B, when there is traffic that it coming from behind the 'inside' fw the traffic destined for Site B doesn't transit the tunnel, it just gets routed like you would expect. The question is: Is it possible to route the traffic over the tunnel?

Answer : Cisco ASA-Routing traffic to particular subnets over IPSEC tunnel when traffic is not originated on the ASA.

suppose your network is like below

Local lan ---------- Inside FW-------------------Outside FW---VPN tunnel-OtherSide FW
192.168.1.0/24 172.16.10.0/24

two thing you can do
1) you can configure your inside firewall to do NAT for all local netwrok that want o communicate to remote and your outside firewall has to allow the necessary traffic for encryption.
for eg: 192.168.1.0 /24 will be natted to 172.16.10.0/24 ,and in your outisde firewall we have to encrypt only traffic from 172.16.10.0/24

2)
disable nat for the encryption traffic . then your outside firewall and the remote VPN device has to allow the local lan network in the encryption traffic.

Random Solutions

Difference between Oracle,MySQL and Sybase

Pass-Through Authentication from Active Directory to ASP.Net

Architecting a Silverlight GoogleMaps website

Access Warning and Errors

Java performance: multi threading CPU usage

Adding Static Route to VLAN - HP2610

Deleting A Row from a DataTable based on ID column

connecting to a windows 2003 file share from a mac, folders are empty

Run an Outlook 2007 rule only if the mail is 1 week old