Hello Sec Gurus,
I have an ASA that handles a lot of VPN L2L terminations, and recently we noticed that we started facing duplicate remote subnet issues, and sometimes customers don't know how to do advanced NAT from their end. I know I can do Twice NAT, etc., but still, I have to pull working customers and ask them to perform a change for their destination subnet.
The number of terminations is quite large, and we can't handle the issues (more specifically the duplicate remote subnets) anymore.
We are planning to put in a set of new ASA firewalls (the one we have is about to die/EOLS), and before jumping right to new gear, I want to make sure I have a solid design that manages remote subnet conflicts, etc.
I really need your help to come up with a solid design. If there is any article that talks about large VPN concentrator designs, please point me to it.