I have made changes to nat and IPSec ACL's but the new lines in the ACL's are being ignored!
This results in packets that should be sent encrypted going out unencrypted even though the packets match the ACL.
On a different interface new rules for nat are not taking effect, thus packets are leaving the ASA without being natted!
Active/Failover in operation.