I'm in need of some help.
We have just added a new colocation to our network.
See attached diagram (not great).
Pretty much everyone can talk to each other with 1 exception.
There are two IPsec VPN client sites.
There is one at the corp location and another at the colocation.
If I am on the 192.168.1.0/24 network (corp users) and I am trying to do support for remote VPN users - 192.168.252.0/24, what will I need to do?
My problem is I'm not sure how to add the route on the CORP ASA for a subnet on the other side of the tunnel.
So, users on 192.168.1.0/24 trying to get to remote machines/users on 192.168.252.0 in the CoLocation VPN subnet.
I've tried to add the following on the corp ASA (where my desktop is):
route inside 192.168.252.0 255.255.255.0 192.168.2.1
I cannot ping any of the remote clients and traceroute fails.
I've added NAT rules to both devices and access-lists.
The packet traces in ASDM both show the packets are allowed.
I'm not sure where to look next.