Cisco ASA VPN - Is there any way to get a remote remote site to pass ALL Traffic across an IPSec VPN so that a central content filter will apply?
Posted on 2014-04-06
I have a (2) Site IPSec setup, and I want to get the internet traffic from the remote site to pass to the HUB site so that the content filter at that site processes the traffic from the remote site as well.
I have done this with IOS VPN's before (GRE over IPSec with the default route pointing to a TUNNEL interface) but I have never found a solution that will let me do this with Cisco ASA's. Sonicwalls seem to have it covered with the checkbox "Force all traffic to remote site" in the VPN ... I can't imagine that this is not possible with a Cisco ASA, which is supposed to be a superior device and platform.
Note: Because of the appliance (Barracuda 410), we cannot use WCCP as an option since the Barracuda will ONLY allow one host to do WCCP.