282 Views, 0 Helpful, 3 Replies

ASA 5505 VPN connection issue

davespicer2012
Level 1

Good morning everyone. I am in need of some help. I am a newbie when it comes to configuring the ASA. Here is my problem. I have the ASA configured and it is allowing me to get out to the internet. I have several VLANs on my network and from inside I can ping everything. I have created the VPN and I am able to connect to it and get an IP assigned from the pool of addresses. If I have multiple connections I can ping the other PCs. Right now I am able to ping the outside and inside interfaces of the ASA but nowhere else. I have split tunneling enabled. Here is a copy of my config.

Thanks

Dave 

Result of the command: "sh run"

: Saved
:
: Serial Number: *****
: Hardware:   ASA5505, 512 MB RAM, CPU Geode 500 MHz
:
ASA Version 9.1(5)21
!
hostname Main-ASA
domain-name *****
enable password ***** encrypted
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
names
ip local pool AnyC-CPN-Client-Pool 192.168.59.0-192.168.59.250 mask 255.255.255.0
!
interface Ethernet0/0
 switchport access vlan 12
!
interface Ethernet0/1
 switchport access vlan 2
!
interface Ethernet0/2
 shutdown
!
interface Ethernet0/3
 shutdown
!
interface Ethernet0/4
 shutdown
!
interface Ethernet0/5
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
interface Vlan2
 nameif inside
 security-level 100
 ip address 192.168.0.1 255.255.255.252
!
interface Vlan12
 nameif Outside
 security-level 0
 ip address dhcp setroute
!
banner login *************************************
banner login       Unuathorized access is prohibited !!
banner login *************************************
ftp mode passive
clock timezone MST -7
clock summer-time MDT recurring
dns domain-lookup inside
dns domain-lookup Outside
dns server-group DefaultDNS
 domain-name *****
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network VLAN54
 subnet 192.168.54.0 255.255.255.0
 description VLAN 54
object network Management
 subnet 192.168.80.0 255.255.255.0
 description Management
object network VLAN51
 subnet 192.168.51.0 255.255.255.0
 description VLAN 51
object network VLAN52
 subnet 192.168.52.0 255.255.255.0
 description VLAN 52
object network VLAN53
 subnet 192.168.53.0 255.255.255.0
 description VLAN 53
object network VLAN55
 subnet 192.168.55.0 255.255.255.0
 description VLAN 55
object network VLAN56
 subnet 192.168.56.0 255.255.255.0
 description VLAN 56
object service 443
 service tcp destination eq https
object service 80
 service tcp destination eq www
object service 8245
 service tcp destination eq 8245
object service 25295
 service udp destination eq 25295
 description Blocking 25295
object network VPN-Connections
 subnet 192.168.59.0 255.255.255.0
 description VPN Connections
object-group service No-IP
 description no-ip.com DDNS Update
 service-object object 80
 service-object object 8245
 service-object object 443
access-list inside_access_in remark No-ip DDNS Update
access-list inside_access_in extended permit object-group No-IP object VLAN51 any
access-list inside_access_in extended permit ip any any
access-list VPN standard permit 192.168.0.0 255.255.0.0
access-list Outside_access_in remark Blocking 25295 to HTPC
access-list Outside_access_in extended deny object 25295 any object VLAN54
pager lines 24
logging enable
logging asdm warnings
mtu inside 1500
mtu Outside 1500
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,Outside) source dynamic any interface
access-group inside_access_in in interface inside
access-group Outside_access_in in interface Outside
!
router eigrp 1
 no auto-summary
 network 192.168.0.0 255.255.255.252
 network 192.168.59.0 255.255.255.0
!
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server LDAP protocol ldap
aaa-server LDAP (inside) host 192.168.51.1
 server-port 636
 ldap-base-dn cn=users,dc=spicerslocal
 ldap-scope subtree
 ldap-naming-attribute cn
 ldap-login-password *****
 ldap-login-dn cn=users,dc=*****
 sasl-mechanism digest-md5
 ldap-over-ssl enable
 server-type microsoft
user-identity default-domain LOCAL
http server enable
http 192.168.0.0 255.255.0.0 inside
http 0.0.0.0 0.0.0.0 Outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev2 ipsec-proposal DES
 protocol esp encryption des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
 protocol esp encryption 3des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
 protocol esp encryption aes
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
 protocol esp encryption aes-192
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
 protocol esp encryption aes-256
 protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map Outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map Outside_map interface Outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto ca trustpoint ASDM_TrustPoint0
 enrollment self
 subject-name CN=Main-ASA
 crl configure
crypto ca trustpool policy
crypto ca certificate chain ASDM_TrustPoint0
 certificate
                *****
  quit
crypto ikev2 policy 1
 encryption aes-256
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 10
 encryption aes-192
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 20
 encryption aes
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 30
 encryption 3des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 policy 40
 encryption des
 integrity sha
 group 5 2
 prf sha
 lifetime seconds 86400
crypto ikev2 enable Outside
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
telnet timeout 5
ssh stricthostkeycheck
ssh timeout 5
ssh key-exchange group dh-group1-sha1
console timeout 0
management-access inside
vpn-addr-assign local reuse-delay 5
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point ASDM_TrustPoint0 Outside
ssl trust-point ASDM_TrustPoint0 inside
webvpn
 enable Outside
 anyconnect image disk0:/anyconnect-win-3.1.06079-k9.pkg 1
 anyconnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 2
 anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 3
 anyconnect profiles AnyC-SSL-VPN_client_profile disk0:/AnyC-SSL-VPN_client_profile.xml
 anyconnect enable
 tunnel-group-list enable
group-policy DfltGrpPolicy attributes
 dns-server value 192.168.51.1 8.8.8.8
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN
 default-domain value *****
 split-dns value 8.8.8.8
group-policy GroupPolicy_AnyC-SSL-VPN internal
group-policy GroupPolicy_AnyC-SSL-VPN attributes
 wins-server none
 dns-server value 8.8.8.8
 vpn-tunnel-protocol ikev2 ssl-client
 default-domain value *****
 webvpn
  anyconnect profiles value AnyC-SSL-VPN_client_profile type user
username Dave password ***** encrypted privilege 15
username Don password ***** encrypted privilege 15
tunnel-group AnyC-SSL-VPN type remote-access
tunnel-group AnyC-SSL-VPN general-attributes
 address-pool AnyC-CPN-Client-Pool
tunnel-group AnyC-SSL-VPN webvpn-attributes
 group-alias AnyC-SSL-VPN enable
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum client auto
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect ip-options
  inspect netbios
  inspect rsh
  inspect rtsp
  inspect skinny
  inspect esmtp
  inspect sqlnet
  inspect sunrpc
  inspect tftp
  inspect sip
  inspect xdmcp
!
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:af0fad1092e0314b0a80f20add03e3f7
: end

3 Replies

Hi Dave,

 

It seems to be an issue with the NAT, I saw your VPN configuration:

 

ip local pool AnyC-CPN-Client-Pool 192.168.59.0-192.168.59.250 mask 255.255.255.0
tunnel-group AnyC-SSL-VPN type remote-access
tunnel-group AnyC-SSL-VPN general-attributes
 address-pool AnyC-CPN-Client-Pool
tunnel-group AnyC-SSL-VPN webvpn-attributes
 group-alias AnyC-SSL-VPN enable

group-policy DfltGrpPolicy attributes
 dns-server value 192.168.51.1 8.8.8.8
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN
 default-domain value *****
 split-dns value 8.8.8.8

access-list VPN standard permit 192.168.0.0 255.255.0.0

----------------------------------------------------------------------------------------------------------------------------

You will need to set up a NAT exemption as follows:

object-group network obj-192.168.59.0-Pool
 network-object 192.168.59.0 255.255.255.0
object-group network obj-192.168.0.0
 network-object 192.168.0.0 255.255.0.0

nat (inside,outside) 1 source static obj-192.168.0.0 obj-192.168.0.0 destination static obj-192.168.59.0-Pool obj-192.168.59.0-Pool no-proxy-arp route-lookup

 

 

Please proceed to rate and mark as correct this post, if it helps!

 

David Castro,

 

Regards,
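Added example, not code from the thread or from Cisco: a small Python check that applies the reasoning in this reply to a running-config excerpt. It parses the `ip local pool`, the `source dynamic any` PAT rule and any identity (twice) NAT rules, and reports VPN pools that the PAT rule would translate without a matching NAT exemption. The two excerpts are constructed from the lines quoted in this thread; the function names are my own.

```python
import re
import ipaddress

# Constructed excerpt of the poster's "sh run" before the fix (names from the thread).
CONFIG_BEFORE = """\
ip local pool AnyC-CPN-Client-Pool 192.168.59.0-192.168.59.250 mask 255.255.255.0
nat (inside,Outside) source dynamic any interface
"""
# The same excerpt plus the NAT exemption suggested in the reply.
CONFIG_AFTER = CONFIG_BEFORE + """\
object-group network obj-192.168.59.0-Pool
 network-object 192.168.59.0 255.255.255.0
object-group network obj-192.168.0.0
 network-object 192.168.0.0 255.255.0.0
nat (inside,outside) 1 source static obj-192.168.0.0 obj-192.168.0.0 destination static obj-192.168.59.0-Pool obj-192.168.59.0-Pool no-proxy-arp route-lookup
"""

def parse_objects(cfg):
    """Map each 'object network' / 'object-group network' name to its networks."""
    groups, current = {}, None
    for line in cfg.splitlines():
        m = re.match(r"object(?:-group)? network (\S+)", line)
        if m:
            current = groups.setdefault(m.group(1), [])
            continue
        m = re.match(r"\s+(?:network-object|subnet) (\S+) (\S+)", line)
        if m and current is not None:
            current.append(ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}"))
    return groups

def parse_pools(cfg):
    """Return each 'ip local pool' as the network implied by its start address and mask."""
    pat = r"ip local pool \S+ (\S+)-\S+ mask (\S+)"
    return [ipaddress.ip_network(f"{a}/{m}", strict=False) for a, m in re.findall(pat, cfg)]

def missing_nat_exemptions(cfg):
    """Pools hit by a 'source dynamic any' PAT that no identity twice-NAT rule exempts."""
    groups = parse_objects(cfg)
    twice = re.findall(r"nat \(\S+\) (?:\d+ )?source static (\S+) (\S+) destination static (\S+) (\S+)", cfg)
    # Only rules that map source and destination to themselves are true exemptions.
    exempt = [groups.get(d, []) for s, ms, d, md in twice if s == ms and d == md]
    pat_any = re.search(r"nat \(\S+\) (?:\d+ )?source dynamic any ", cfg) is not None
    return [str(p) for p in parse_pools(cfg)
            if pat_any and not any(p.subnet_of(n) for nets in exempt for n in nets)]

if __name__ == "__main__":
    print("before fix:", missing_nat_exemptions(CONFIG_BEFORE))  # ['192.168.59.0/24']
    print("after fix: ", missing_nat_exemptions(CONFIG_AFTER))   # []
```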

 

Ok, thanks for your reply David. I made the changes you suggested, which I have also posted below for reference. With this change I was able to access the shares through the VPN but now it seems to have broken my split tunneling. Any ideas how to fix that part?

Dave

object-group network obj-192.168.59.0-Pool
 network-object 192.168.59.0 255.255.255.0
object-group network obj-192.168.0.0
 network-object 192.168.0.0 255.255.0.0

nat (inside,outside) 1 source static obj-192.168.0.0 obj-192.168.0.0 destination static obj-192.168.59.0-Pool obj-192.168.59.0-Pool no-proxy-arp route-lookup

Hi Dave,

 

It is actually pretty strange that it broke your access to the share folders. Could you provide the following:

 

- The IP range of the share folders?
- Are they coming from the inside network or another interface?
- Is this happening with all the users?
- If you remove the NAT exemption, does it start working?

 

David Castro,

 

Regards,
