OK, so I have been reading that an IPSec site-to-site will get me more speed between sites, so I changed from the OpenVPN site-to-site to an IPSec site-to-site. That all seems to be working well, except with the IPSec I'm unable to get to the router at B from A, and the reverse, for management. With the OpenVPN I did not have this issue. Also, I have L2TP IPSec mobile VPN set at each site and they do not have a problem with management (of the site they are connected to, of course). I have read that I need to set some firewall rules, but I don't want to open my mgmt (https and ssh) to the world. I would set these in WAN_Local, right? Or?
Second. I have a server at site A, whose traffic I need to route through site B, so that its traffic always shows as the IP of site B. How can I go about this?
I've read some things about using virtual interfaces (vti) for the tunnels instead of the different subnets. I have 4 subnets at site A and 2 at site B currently entered in my configuration. Would vti be a better tool for this from a management perspective, or what does the community think would work best? Would this help with routing the server at site A through site B?
EDIT: I also need to forward 1 port from site B through to the server IP at site A.