Site to Site VPNs and routing

atorven

Being new to ASA's I’m trying to make heads or tails of firewall configs, one thing I don't understand is what's that purpose of the creating routes to the destination networks pointing to the destination firewall's outside address? In what scenario would this be required? Most of the configs that I have seen don’t have these routes statically setup, how does this affect the firewall/traffic flow?
I was under the impression that firewall would just forward traffic to its peer dynamically through regular routing?

Thanks guys.

SecurityThroughObscurity

Can you give us an example.

EdTheLad

What would you do if your company policy doesn't allowing l3 peering to firewalls? Static routes maybe?

atorven

@ SecurityThroughObscurity - Please see below;
Remote lan: 172.16.2.0/24
Remote firewall: 192.168.1.1
route outside 0.0.0.0 0.0.0.0 2.2.2.2 1
route outside 172.16.2.0 255.255.255.0 192.168.1.1 1

@EdTheLad - What's wrong with allowing l3 peering to firewalls?