I have the following configuration
10.20.x.x/16 [Cisco ASA] <--> [FGT] FGT-INT2 [192.168.5.1/24] -> Downstream subnet10.20.0.0/16
I need for staff on the Cisco Side 10.20/16 network to access a server on the FGt side 10.20/16 remote subnet. The VPN is Policy based.
Ideally I would like to front the server on the right side with a unique IP address (maybe VIP) - but not sure if VIP will work on the FGT side with a Policy based VPN
Ideally 10.20/16 ---> 192.168.5.5 [VIP] -- 10.20.16.1/32
I have configured, the logs show the traffic coming in and sending it to VIP but no traffic is sent to the remote network from the VIP
I am not sure a VIP will work in this scenario tbh.
Any guidance would be appreciated.