We recently transitioned all of our policy-based site-2-site VPNs over to route-based VPNs using VTIs. The new VTI configuration for site-2-site VPNS works so slick. However, we can't get the AnyConnect VPN clients access to the downstream location...