ASA Static route issues
Posted on 2007-10-10
We have a VPN device that is not plugged into our Cisco ASA firewall - it's on an outside IP address parallel to the firewall. Its inside interface is plugged into our local network. What we ideally want to do is have any traffic destined for a network that this device controls via VPN be routed directly to it. Our users' gateway is our Cisco firewall. I put a static route in the Cisco to this device for those networks - and from the Cisco side I'm able to ping those networks just fine. However, on the client side the Cisco is not allowing any of the traffic to flow through. Ideally we don't want the ASA to process this traffic but since it's a firewall it seems it will need to. I did try to put some access lists in there - but it just won't allow the traffic through. The route is using the inside interface since the VPN device is on our local network. Is there a way to tell the Cisco to not route the traffic destined for those networks through the firewall - to just build the routing table? Or is there a better way to accomplish this?