Need some help on accessing the subnets on the Non-Meraki S2S VPN peer.
I already have up and running an IPsec tunnel between HQ and Branch(ASA to ASA), now the idea is to update our Branch ASA5510 to MX84.
Just tested a VPN between MX84 and the HQ ASA and connects normally as I'm able to check over the " All Non-Meraki/Client VPN" event log.
My work on replacing the ASA to MX was to mirror the conf in ASA to MX, advertising the subnets the way they were on ASA.
The problem is that I'm not able to ping the HQ subnets from the MX.
The only thing that I see suspicious is that in ASA I see several route as:
route outside x.x.x.x(HQ subnet) 255.255.0.0 x.x.x.x(Branch MX WAN gateway) 10
I did configured a static route on MX, with HQ subnet pointing to MX local lan IP which does not go online on Route Table, tried too HQ subnet pointing to WAN gateway, but the MX does allow this stating that there's no subnet active as WAN subnet.