Hi, I have hub-and-spoke vpn network. The hub is Draytek 2950. Spokes A and B are Draytek 2950. Spoke C is Cisco ASA 5520.
Vpn from each site to hub works fine. Spoke-to-spoke VPN between A and B works fine, by adding subnet A to the remote network list on spoke B, and visa-versa. But spoke A (or B) to Spoke C (cisco) fails.
On spoke A and B, I have added the subnet C to the remote network list. On spoke C, I have added subnets A and B to the acl and the nat acl (similar to other cisco-only spoke-to-spoke setups). But no traffic will pass from spokes A or B to spoke C.
I think some config is needed on hub 2950 to allow traffic for A and B to pass through the VPN to C. Any one know what that config is? Thanks.

i have a similar topology. however the cisco asa s the hub unit, and we have dg384s on most spokes, and are starting to rollout Drayteks.

seems the draytek cannot handle spoke to spoke comms unless (according to your report) the hub is a draytek.

sigh. help?