Hi everyone!
We've got about 10 routers 1941 and 881w connected to asa with vpn ipsec site-to-site.
for example, asa wan ip 89.100.1.1 local subnet 192.168.1.0/24
881w wan ip 89.100.1.2 local subnet 192.168.2.0/24
I want to set up firewall on incoming connections for asa
I opened udp 500 and 4500 ports, allowed protocols esp and ah.
But traffic doesn't pass from 192.168.1.0 subnet to 192.168.2.0 subnet.
What more rules should I make?