DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Allowing traffic between two remote sites via a central location

02 Nov 2023 09:55 #1 by daveb-wist
Hi guys,

If I have a DrayTek (3900) at our head office and I have 2 site-to-site VPNs from our two remote offices direct to our head office as below:

Currently, by default, it seems the 192.168.100.x network cannot see the 192.168.200.x network and vice-versa?
Is there some routing (static routing) that needs to be in place on the 3900 for these 2 remote sites to see each other via the 3900?

Image link:
https://ibb.co/qkVVL95


Thanks


DB

02 Nov 2023 23:01 #2 by HodgesanDY
Hi DaveB-WIST,

Yes, routing, but via the LAN-to-LAN VPN profile configuration.

In the VPN profile, at each remote end (100 & 200), add the opposing subnet to the “More Remote Subnet:” box - if using a 3900 at these remote-ends too?

This only needs to be done at the remote-ends, the ends that are connecting inwardly to the central 3900, as the central 3900 already knows about all of its connected subnets so can route/forward the traffic on; whereas before doing the above, the remote ends (the remote LANs) would not know how to reach the subnet on the other side of the central 3900, but, because you have now added it to the VPN profile, the remote ends will be aware of how to reach the other subnet and will route the traffic through the VPN connection.

You should also observe a new entry in the ‘Routing Table’, which will be the new subnet you’ve just added to the VPN Profile config.

If you also have additional LANs at one of the remote sites, or both, they too will need adding to the relevant “More Remote Subnet:” box, so their subnet can also communicate across the central 3900 connection.

One further note, if you do have additional LANs (subnets) at the remote sites, and want to add them as well, these additional subnets will need adding to the LAN-to-LAN Profile config on the central 3900 too - in that scenario, as the default ‘Local LAN’ in the remote VPN Profile is the only subnet the central 3900 will be aware of at the remote site, hence why you need to add additional subnets that need to be reachable, into the VPN profile config.
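
A simplified model of the routing described in the reply above, as an added example that is not part of the original thread and is not DrayTek code. It shows that traffic between the two remote sites only works once both spokes carry the other site's subnet as an extra remote subnet, because the return path needs a route too. The /24 masks, the head-office subnet 192.168.1.0/24 and all function names are assumptions.

```python
import ipaddress

# Constructed topology. The /24 masks and the head-office LAN are assumptions;
# the thread only gives 192.168.100.x and 192.168.200.x.
HQ, SITE_A, SITE_B = "hq", "site_a", "site_b"
LOCAL = {
    HQ: ipaddress.ip_network("192.168.1.0/24"),  # assumed head-office LAN
    SITE_A: ipaddress.ip_network("192.168.100.0/24"),
    SITE_B: ipaddress.ip_network("192.168.200.0/24"),
}

def build_routes(more_remote_subnets):
    """Return {router: [(network, next_hop)]} for the hub-and-spoke VPN.

    more_remote_subnets: {spoke: [extra subnets sent through its tunnel to HQ]},
    modelling the "More Remote Subnet" entries in each spoke's VPN profile.
    """
    routes = {
        # The hub knows each spoke's local LAN from its LAN-to-LAN profile.
        HQ: [(LOCAL[SITE_A], SITE_A), (LOCAL[SITE_B], SITE_B)],
        # By default a spoke only routes the head-office LAN into the tunnel.
        SITE_A: [(LOCAL[HQ], HQ)],
        SITE_B: [(LOCAL[HQ], HQ)],
    }
    for spoke, extras in more_remote_subnets.items():
        routes[spoke] += [(ipaddress.ip_network(n), HQ) for n in extras]
    return routes

def path(routes, start, dst_ip, max_hops=4):
    """Follow longest-prefix-match VPN routes; None if no tunnel carries the packet."""
    dst, here, hops = ipaddress.ip_address(dst_ip), start, [start]
    while dst not in LOCAL[here]:
        matches = [(net, nh) for net, nh in routes[here] if dst in net]
        if not matches or len(hops) > max_hops:
            return None  # in practice the packet would leave via the default route
        here = max(matches, key=lambda m: m[0].prefixlen)[1]
        hops.append(here)
    return hops

def reachable(routes, src_site, src_ip, dst_site, dst_ip):
    """Two-way traffic needs a forward path and a return path."""
    forward = path(routes, src_site, dst_ip)
    back = path(routes, dst_site, src_ip)
    return forward is not None and back is not None

if __name__ == "__main__":
    both = build_routes({SITE_A: ["192.168.200.0/24"], SITE_B: ["192.168.100.0/24"]})
    print(path(both, SITE_A, "192.168.200.10"))
```
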

04 Nov 2023 21:03 #3 by daveb-wist
Many thanks for your excellent help!
