Hi Philip, Thank you for taking your time to comment. The issue I had was that traffic was not getting back to the MX, so needed to find another way to make this work. But after some investigation it was found that server was getting the packed but replying via the default gateway and that was the ASA. ASA was dropping the packet. Asymmetric routing was happening. Had to configure tcp-state-bypass on the ASA to permit this subnet to talk to VPN subnet via ASA. All is working for TCP and UDP traffic. ICMP is still not working but i will take it. What I should of done is connect the MX on its own Vlan. Never rely on ASA to be a router 🙂
... View more
