We have a client who has a Peplink balance 20 in his facility. We are attempting to setup a VPN connection from a home office to a Cisco ASA5505 located BEHIND the Peplink. In other words, we need a VPN connection using IP Prot 50 to pass THROUGH the Pep20 and not terminate a vpn in the pep20. This is for a proprietary piece of equipment that we monitor on our side.
For this reason we have tried to lock down the ASA to only seeing the essential VPN traffic of ESp, yet no config the user has been able to establish seems to want top pass through. If we remove the inbound access list we can establish a NAT-T connection. The userhas relayed that he is basically passing everything to us yet no linkup when we apply the access list. To be clear the exact same setup works flawlessly on sites without a Peplink, using a pure external IP. Unfortunately this site is somewhat rural and needs to use the single connection for outbound internet traffic as well so we cannot just pilfer the connection.
Is there a standard or example config for this situation?