Hello I've created a diagram here to illustrate the problem. Just looking for some confirmation that this would be the correct fix for this. Our server inside Site3 cannot reach the internal Site2 network is the issue. Appreciate any help.
Diagram is attached here.
Go to Solution.
Okay, I think I just misread which ASA was doing what.
So the answer is still yes, you need to apply that to the incoming interface.
View solution in original post
Yes, you need to add it to the interface as per your diagram.
However I am a bit confused ie. you have a VPN between the sites, do you not already have a NAT exemption ?
Thanks Jon. Yes there is NAT exemption between the main campus inside networks and the remote site network
Also, on Site2's firewall
object network obj-10.10.10.0 subnet 10.10.10.0 255.255.255.0
nat (inside,any) source static obj-10.10.10.0 obj-10.10.10.0 no-proxy-arp route-lookup
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: