= users on other l2l tunnel needing access to web host
same-security-traffic permit intra-interface
global (outside) 1 interface
nat (outside) 1
Make sure the web host they are accessing is part of the crytpo acl for the l2l tunnel on the local end.
access-list crypto extended permit ip host
and a mirror image on the far end.
access-list crpyto extended permit ip host
and also nat 0 for the far end...
access-list nat0 extended permit ip host
nat (inside) 0 access-list nat0