So ACLs are not needed in a route-based VPN? What if you wanted to do port filtering in a Route Based VPN?
@jerryebanks4677 1 year ago
Was this done? A video for site-to-site VPN VTI with route tracking/SLA monitoring: if the primary VPN tunnel goes down, the secondary passes the traffic.
@jishnucs9623 2 years ago
Thanks James
@omolayo_ojo 5 months ago
Nice work. I have a question. From Site-B(config)#route Site_A 192.168.1.0 255.255.255.0 10.10.10.1, what if we want to allow only three IP addresses, say 192.168.1.2, 192.168.1.12 and 192.168.1.27 from the subnet 192.168.1.0/24 to access the network (for security purposes), do we have to use access-list for that? If yes, how can we define the access-list to permit only those three IPs? This is a very important question to me. Thanks for paying attention.
@jerryebanks4677 1 year ago
Also, can you do one using IKEv2?
@dooom912 1 year ago
What is the command "crypto ipsec profile Site_B"? I do not have anything like this.
@rvd07 3 years ago
Thank you
@tterziew 3 years ago
Could you please make a video for site-to-site VPN VTI with route tracking/SLA monitoring: if the primary VPN tunnel goes down, the secondary passes the traffic.
@loopback 3 years ago
It's on my list... hopefully before Christmas!
@rockmdii 3 years ago
Hello, for your default route "route Outside 0.0.0.0 0.0.0.0 203.205.206.1", where is 203.205.206.1 on your diagram?
@loopback 3 years ago
Internet router which is the next hop
@Aussie.Lifestyle 3 years ago
Thanks James. What if I have more than one subnet on either side of the LANs? And what if the destination subnets are more than one security level behind? Example: one subnet behind "inside" and the other behind "dmz".
@loopback 3 years ago
The other FW should point it to the VTI. For example let's say your DMZ in site A is 192.168.10.0/24. On the other side you will have to say "route VTI 192.168.10.0 255.255.255.0 "