[c-nsp] ASA VPN routing
Mark Meijerink
Mark.Meijerink at vancis.nl
Mon Oct 10 02:58:50 EDT 2011
Hi there,
Does anyone know how the ASA makes its routing decision in routing traffic over and VPN?
Let's say we have a site-to-site VPN to site A using remote network 10.0.0.0/8 and site B using remote network 10.10.10.0/24. The crypto map for site A has a higher policy number so the IPSEC negotiations are successful.
When a packets needs to be routed to location A how will the ASA choose the VPN tunnel top send the packet trough?
Will the ASA match the traffic look again at the crypto map's interesting traffic ACL?
Is there some kind of VPN routing table to look up most specific match for the destinations of the packet?
If you can point me to a document describing this process I would really appreciate this. Thanks in advance for your reply.
Regards,
Mark
More information about the cisco-nsp
mailing list