08-02-2012 09:48 PM - edited 03-11-2019 04:37 PM
After connecting via anyconnect client 2.5, I cannot access my internal network or internet.
My host is getting IP address 10.2.2.1/24 & gw: 10.2.2.2
Following is the config:
ASA Version 8.2(5)
!
names
name 172.16.1.200 EOCVLAN198 description EOC VLAN 198
dns-guard
!
interface Ethernet0/0
description to EOCATT7200-G0/2
switchport access vlan 2
!
interface Ethernet0/1
description to EOC-Inside
switchport access vlan 198
!
!
interface Vlan1
shutdown
no nameif
security-level 100
no ip address
!
interface Vlan2
nameif outside
security-level 0
ip address 1.21.24.23 255.255.255.248
!
interface Vlan198
nameif inside
security-level 100
ip address 172.16.1.1 255.255.255.0
!
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns server-group DefaultDNS
domain-name riversideca.gov
access-list outside_acl extended permit icmp any interface inside
access-list outside_acl extended permit ip any any
access-list inside_acl extended permit icmp any interface outside
access-list inside_acl extended permit icmp interface outside any
access-list inside_acl extended permit ip any any
access-list inside_acl extended permit ip 172.16.1.0 255.255.255.0 any
access-list inside_acl extended permit ip 10.0.0.0 255.0.0.0 any
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list NONAT extended permit ip 10.2.2.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list NONAT extended permit ip 10.10.86.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list NONAT extended permit ip 10.2.2.0 255.255.255.0 10.10.86.0 255.255.255.0
access-list NONAT extended permit ip 10.80.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list split-tunnel standard permit 172.16.1.0 255.255.255.0
access-list split-smart standard permit any
ip local pool SSLClientPool 10.2.2.1-10.2.2.50 mask 255.255.255.0
asdm image disk0:/asdm-649.bin
global (outside) 1 interface
nat (inside) 0 access-list NONAT
nat (inside) 1 172.16.1.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0
access-group outside_acl in interface outside
access-group inside_acl in interface inside
route outside 0.0.0.0 0.0.0.0 1.21.24.23 1
route inside 10.0.0.0 255.0.0.0 EOCVLAN198 1
route inside 192.168.1.0 255.255.255.0 EOCVLAN198 1
route inside 192.168.100.0 255.255.255.0 EOCVLAN198 1
route inside 192.168.211.0 255.255.255.0 EOCVLAN198 1
webvpn
enable outside
svc image disk0:/anyconnect-dart-win-2.5.3055-k9.pkg 1
svc enable
tunnel-group-list enable
group-policy SSLCLientPolicy internal
group-policy SSLCLientPolicy attributes
dns-server value 10.10.86.128 10.10.86.129
vpn-tunnel-protocol svc webvpn
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split-smart
default-domain value yourname.tld
address-pools value SSLClientPool
username test password P4ttSyrm33SV8TYp encrypted privilege 15
username admin password fOGXfuUK21gWxwO6 encrypted privilege 15
tunnel-group SSLClientProfile type remote-access
tunnel-group SSLClientProfile general-attributes
default-group-policy SSLCLientPolicy
tunnel-group SSLClientProfile webvpn-attributes
group-alias EOCSSL enable
!
class-map global-class
class-map IPS
class-map my-ips-class
class-map test1
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect ipsec-pass-thru
inspect http
inspect pptp
inspect icmp
class global-class
ips inline fail-close
class class-default
set connection decrement-ttl
policy-map my-ips-policy
class my-ips-class
ips promiscuous fail-open
!
service-policy global_policy global
ciscoasa# show log
Syslog logging: enabled
Aug 02 2012 21:34:03: %ASA-6-302014: Teardown TCP connection 60662 for outside:10.2.2.1/62706 to outside:74.125.224.228/443 duration 0:00:00 bytes 0 Flow is a loopback (test)
Aug 02 2012 21:34:09: %ASA-6-302015: Built inbound UDP connection 60664 for outside:10.2.2.1/49768 (10.2.2.1/49768) to inside:10.10.86.128/53 (10.10.86.128/53) (test)
Aug 02 2012 21:34:09: %ASA-6-302014: Teardown TCP connection 60665 for outside:10.2.2.1/62706 to outside:74.125.224.228/443 duration 0:00:00 bytes 0 Flow is a loopback (test)
Aug 02 2012 21:34:10: %ASA-6-302015: Built inbound UDP connection 60666 for outside:10.2.2.1/49768 (10.2.2.1/49768) to inside:10.10.86.129/53 (10.10.86.129/53) (test)
Aug 02 2012 21:34:11: %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows; Connection for tcp src outside:10.2.2.1/62708 dst inside:192.248.248.120/443 denied due to NAT reverse path failure
Aug 02 2012 21:34:21: %ASA-6-302015: Built inbound UDP connection 60668 for outside:10.2.2.1/50715 (10.2.2.1/50715) to inside:10.10.86.128/53 (10.10.86.128/53) (test)
Aug 02 2012 21:34:21: %ASA-6-302015: Built inbound UDP connection 60669 for outside:10.2.2.1/64333 (10.2.2.1/64333) to inside:10.10.86.128/53 (10.10.86.128/53) (test)
Aug 02 2012 21:34:22: %ASA-6-302015: Built inbound UDP connection 60670 for outside:10.2.2.1/50715 (10.2.2.1/50715) to inside:10.10.86.129/53 (10.10.86.129/53) (test)
Aug 02 2012 21:34:22: %ASA-6-302016: Teardown UDP connection 60474 for outside:10.2.2.1/50367 to inside:10.10.86.128/53 duration 0:02:01 bytes 40 (test)
Aug 02 2012 21:34:22: %ASA-6-302016: Teardown UDP connection 60475 for outside:10.2.2.1/60325 to inside:10.10.86.128/53 duration 0:02:01 bytes 46 (test)
Aug 02 2012 21:34:22: %ASA-6-302015: Built inbound UDP connection 60671 for outside:10.2.2.1/64333 (10.2.2.1/64333) to inside:10.10.86.129/53 (10.10.86.129/53) (test)
Aug 02 2012 21:34:22: %ASA-6-302014: Teardown TCP connection 60672 for outside:10.2.2.1/62713 to outside:74.125.224.228/443 duration 0:00:00 bytes 0 Flow is a loopback (test)
Aug 02 2012 21:34:23: %ASA-6-302016: Teardown UDP connection 60477 for outside:10.2.2.1/50367 to inside:10.10.86.129/53 duration 0:02:01 bytes 40 (test)
Aug 02 2012 21:34:23: %ASA-6-302016: Teardown UDP connection 60479 for outside:10.2.2.1/60325 to inside:10.10.86.129/53 duration 0:02:01 bytes 46 (test)
ciscoasa# show vpn-sessiondb svc
Session Type: SVC
Username : test Index : 21
Assigned IP : 10.2.2.1 Public IP : 76.95.186.82
Protocol : Clientless SSL-Tunnel DTLS-Tunnel
License : SSL VPN
Encryption : RC4 AES128 Hashing : SHA1
Bytes Tx : 13486 Bytes Rx : 136791
Group Policy : SSLCLientPolicy Tunnel Group : SSLClientProfile
Login Time : 21:26:21 PDT Thu Aug 2 2012
Duration : 0h:08m:41s
Inactivity : 0h:00m:00s
NAC Result : Unknown
VLAN Mapping : N/A VLAN : none
08-03-2012 01:55 AM
You can add the following:
route outside 10.2.2.0 255.255.255.0 1.21.24.23 1
because you have 10.0.0.0/8 route pointing to the inside.
08-03-2012 01:58 AM
Also, do you need split tunnel, or are you trying to send all traffic to the ASA? Because you have "permit any" for your split tunnel ACL, that's why I asked.
If you want to send the VPN internet traffic towards the ASA too, then you need to configure:
nat (outside) 1 10.2.2.0 255.255.255.0
If you want to send the VPN internet traffic directly off local internet, then you would need to configure the correct split tunnel ACL to only include the subnets behind the ASA.
08-03-2012 03:56 PM
It did not work.
I added the "route outside 10.2.2.0 255.255.255.0 1.21.24.23 1"
I also added "access-list split-smart standard permit ip 10.2.2.0 255.255.255.0"
I do not care about the split-tunnel.
My laptop IP address: 10.2.2.1, SM: 255.255.255.0, GW: 10.2.2.2
08-04-2012 01:58 AM
Split tunnel ACL is incorrect, you should add the internal LAN subnets, not the VPN pool subnets and also add the correct NONAT ACL.
If you are trying to access the 172.16.1.0/24 subnet, then add the following:
access-list NONAT extended permit ip 172.16.1.0 255.255.255.0 10.2.2.0 255.255.255.0
Then the following split tunnel ACL:
access-list split-smart standard permit 172.16.1.0 255.255.255.0
Lastly, try to see if you can ping 172.16.1.200 after adding the above.
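An added example (not from the thread or from Cisco) that checks an ASA 8.2 config excerpt for the three problems the replies above point at: the VPN pool being covered by the 10.0.0.0/8 route via inside, a split-tunnel ACL that lists "any" or the pool instead of the LAN, and a missing LAN-to-pool NAT exemption. The config excerpt is constructed from the thread's own lines; the ACL names and the 172.16.1.0/24 LAN are assumed from it.

```python
import ipaddress

# Constructed excerpt of the thread's original ASA 8.2 config; the route gateway
# name EOCVLAN198 is written as its address from the "name" line (172.16.1.200).
ORIGINAL_CONFIG = """access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list NONAT extended permit ip 10.2.2.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list split-smart standard permit any
ip local pool SSLClientPool 10.2.2.1-10.2.2.50 mask 255.255.255.0
route inside 10.0.0.0 255.0.0.0 172.16.1.200 1
"""
INSIDE_LAN = ipaddress.ip_network("172.16.1.0/24")  # LAN the VPN user wants to reach (assumed)

def net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def parse_asa(config, nonat_acl="NONAT", split_acl="split-smart"):
    """Collect the lines that decide whether AnyConnect clients can reach the LAN."""
    cfg = {"nonat": [], "split": [], "pool": None, "routes": []}
    for line in config.splitlines():
        p = line.split()
        if p[:3] == ["access-list", nonat_acl, "extended"] and p[3:5] == ["permit", "ip"]:
            cfg["nonat"].append((net(p[5], p[6]), net(p[7], p[8])))  # (src, dst)
        elif p[:3] == ["access-list", split_acl, "standard"] and p[3] == "permit":
            cfg["split"].append("any" if p[4] == "any" else net(p[4], p[5]))
        elif p[:3] == ["ip", "local", "pool"]:
            cfg["pool"] = net(p[4].split("-")[0], p[6])  # first address of the range + mask
        elif p[:1] == ["route"]:
            cfg["routes"].append((p[1], net(p[2], p[3])))  # (interface, prefix)
    return cfg

def audit(config):
    """Return codes for the misconfigurations the replies in the thread describe."""
    cfg = parse_asa(config)
    pool, findings = cfg["pool"], []
    # 1. Longest-match route for the pool: if it points at a non-outside interface
    #    (here 10.0.0.0/8 via inside), replies to VPN clients are sent the wrong way.
    covering = [r for r in cfg["routes"] if pool.subnet_of(r[1])]
    if covering:
        iface, _ = max(covering, key=lambda r: r[1].prefixlen)
        if iface != "outside":
            findings.append(f"pool-routed-via-{iface}")
    # 2. The split-tunnel ACL must name the LAN subnets, not "any" or the pool itself.
    if "any" in cfg["split"] or pool in cfg["split"]:
        findings.append("split-tunnel-lists-any-or-pool")
    if INSIDE_LAN not in cfg["split"]:
        findings.append("split-tunnel-missing-lan")
    # 3. nat (inside) 0 access-list NONAT needs a LAN -> pool entry, otherwise LAN
    #    replies are translated and dropped (the "NAT reverse path failure" in the log).
    if (INSIDE_LAN, pool) not in cfg["nonat"]:
        findings.append("nonat-missing-lan-to-pool")
    return findings
```

Running audit(ORIGINAL_CONFIG) reports all three problems; after adding the NONAT entry, the LAN split-tunnel entry and a more specific route for the pool via outside, it reports none.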
08-04-2012 01:56 PM
It is working.
I added the "address-pool" under the tunnel-group xxx general-attributes.
Thanks for taking time to respond.