Thursday, August 23, 2018

Am I missing something stupid? Policy-Based-Routed network, with traffic that needs to transit a site to site VPN.

Ok, bit of a weird setup, but I'll try and be as clear as I can.

We have a 1 Gig bearer which we trunk into an ASA 5525, where we then split the traffic on our inside interface into sub-interfaces. On those we apply PBR so that different client LANs can be passed straight to the internet (we only use the PBR for the next hop), and QoS where we police the bandwidth our clients pay for.

Now we have a client who has had their PBR/QoS solution for a while and they have had no issues with it; it's been working fine. They have recently upgraded their Point of Sale system and now need an IPsec site-to-site VPN to take inventory/update the tills.

I have built the site-to-site VPN as I have done a hundred times on an ASA, no real surprises there... other than it's not building... or, more accurately, not even trying to build a VPN.

Is there a quirk of running policy-based routing and then asking a site-to-site VPN to pass specific interesting traffic across it which I'm missing? If anyone can help, or point me in the right direction, that would be great!

Thanks.

Frin
