In my scenario I have to encrypt the traffic on Layer 2 & Layer 3. My thinking is MACsec on the core switch up until it hits the ASA, then configure an IPsec tunnel for that subnet to reach the remote site ASA. In theory, the architecture would be as...