02-28-2007 09:20 AM
Help! Can you look at the config and diagram below and see what my problem is?
Thanks!!!
                               __________inside (172.0.0.0/8) Sec 100
                              /
(internet) ---------> outside /___________dmz (192.168.2.66/24) Sec 50
                              \
                               \__________corporate (10.2.195.0/24) Sec 90
Remote user VPN pool: 192.168.100.0/28 (SSL VPN)
Problem: remote users can get to all networks on the inside, but cannot access the corporate net.
Logs show a SYN failure, which indicates a routing problem, I think.
Snippet of configuration:
!
interface GigabitEthernet0/0
nameif outside
security-level 0
ip address x.x.83.8 255.255.255.0
!
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 172.31.1.8 255.255.255.0
!
interface GigabitEthernet0/2
nameif dmz
security-level 50
ip address 192.168.2.66 255.255.255.0
!
interface GigabitEthernet0/3
nameif corporate
security-level 100
ip address 10.2.195.28 255.255.255.0
!
access-list outside_access_in remark Conn to MARS
access-list outside_access_in extended permit tcp any host x.x.83.7 eq https log debugging
access-list outside_access_in extended permit tcp any host x.x.83.7 eq ftp log debugging
access-list outside_access_in extended permit tcp any host x.x.83.7 eq 5915 log debugging
access-list outside_access_in extended permit tcp any host x.x.83.7 eq 5910 log debugging
access-list outside_access_in extended permit tcp any host x.x.83.7 eq 5911 log debugging
access-list outside_access_in extended permit tcp any host x.x.83.7 eq 5900 log debugging
access-list outside_access_in extended permit tcp any host x.x.83.7 eq telnet log debugging
access-list outside_access_in extended permit icmp any any log debugging
access-list outside_access_in extended permit ip 192.168.100.0 255.255.255.240 any log debugging
access-list inside_access_in extended permit ip any any log debugging
access-list corporate_access_in extended permit ip any any log debugging
access-list corporate_access_out extended permit ip any any log debugging
access-list inside_nat0_outbound extended permit ip any 192.168.100.0 255.255.255.240
access-list inside_access_out extended permit ip any any log debugging
access-list corporate_nat0_outbound extended permit ip any 192.168.100.0 255.255.255.240
!
ip local pool vpnpool 192.168.100.1-192.168.100.14 mask 255.255.255.240
!
global (outside) 1 interface
global (inside) 1 interface
global (corporate) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 172.0.0.0 255.0.0.0
nat (corporate) 0 access-list corporate_nat0_outbound
nat (corporate) 1 192.168.100.0 255.255.255.240
nat (management) 0 0.0.0.0 0.0.0.0
static (dmz,outside) tcp x.x.83.7 ftp 192.168.2.67 ftp netmask 255.255.255.255
static (inside,outside) tcp x.x.83.7 5915 172.20.5.15 5915 netmask 255.255.255.255
static (inside,outside) tcp x.x.83.7 5910 172.20.5.10 5910 netmask 255.255.255.255
static (inside,outside) tcp x.x.83.7 5911 172.20.3.11 5911 netmask 255.255.255.255
static (inside,corporate) tcp interface 5910 172.20.5.10 5910 netmask 255.255.255.255
static (inside,outside) tcp x.x.83.7 5900 172.20.5.22 5900 netmask 255.255.255.255
static (inside,outside) tcp x.x.83.7 telnet 172.31.1.39 telnet netmask 255.255.255.255
static (inside,outside) tcp x.x.83.7 https 172.31.1.29 https netmask 255.255.255.255
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group corporate_access_in in interface corporate
access-group corporate_access_out out interface corporate
route outside 0.0.0.0 0.0.0.0 x.x.83.1 1
!
webvpn
port 444
enable outside
svc image disk0:/sslclient-win-1.1.2.169.pkg 1
svc enable
03-06-2007 07:11 AM
The following link may help you:
http://www.cisco.com/en/US/products/ps6121/products_configuration_guide_chapter09186a00806a8198.html
03-06-2007 12:00 PM
Problem solved. I just added:
global (outside) 1 interface
nat (outside) 1 192.168.100.0 255.255.255.240 outside
This allowed the VPN IP Pool to flow through the corporate interface.
Thanks to all that helped - Dave
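Added example, not code from the thread or from Cisco: a small Python model of the nat/global pairing in the posted configuration, used to show what a corporate host sees as the source address of SSL VPN pool traffic before and after Dave's fix. The ASA behaviour is reduced to a first-match lookup of `nat (ingress) N <net> <mask>` against `global (egress) N interface`; nat 0 exemption ACLs, statics and policy NAT are deliberately not modelled. The corporate host's routing table, the outside address 203.0.113.8 standing in for x.x.83.8, and the assumption that corporate hosts use a router other than the ASA as their default gateway (which would explain the SYN timeout and why PAT to the corporate interface address helped) are constructed for illustration only.

```python
"""Model of ASA 7.x nat/global pairing for the thread's VPN pool problem.
Added example; ASA semantics simplified, hosts and routes are assumptions."""
import ipaddress
import re

NAT_RE = re.compile(
    r"^nat \((\S+)\) (\d+) (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)(?: outside)?$"
)
GLOBAL_RE = re.compile(r"^global \((\S+)\) (\d+) (\S+)$")

# Constructed subset of the posted config (203.0.113.8 stands in for x.x.83.8).
BASE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 ip address 203.0.113.8 255.255.255.0
!
interface GigabitEthernet0/1
 nameif inside
 ip address 172.31.1.8 255.255.255.0
!
interface GigabitEthernet0/3
 nameif corporate
 ip address 10.2.195.28 255.255.255.0
!
global (outside) 1 interface
global (inside) 1 interface
global (corporate) 1 interface
nat (inside) 1 172.0.0.0 255.0.0.0
nat (corporate) 1 192.168.100.0 255.255.255.240
"""
FIX = "nat (outside) 1 192.168.100.0 255.255.255.240 outside\n"

# Assumed corporate host routing table: on-link /24, default via a router
# that is NOT the ASA, so replies to 192.168.100.0/28 never come back.
CORP_HOST_ROUTES = [("10.2.195.0/24", None), ("0.0.0.0/0", "10.2.195.1")]


def parse_config(text):
    """Collect interface addresses, 'nat (if) N net mask' rules and 'global' pools."""
    cfg = {"ifaces": {}, "nat": [], "global": {}}
    nameif = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("nameif "):
            nameif = line.split()[1]
        elif line.startswith("ip address ") and nameif:
            cfg["ifaces"][nameif] = ipaddress.ip_address(line.split()[2])
        elif line.startswith("!"):
            nameif = None
        m = NAT_RE.match(line)
        if m:
            iface, nat_id, net, mask = m.groups()
            cfg["nat"].append((iface, int(nat_id),
                               ipaddress.ip_network(f"{net}/{mask}", strict=False)))
        m = GLOBAL_RE.match(line)
        if m:
            iface, nat_id, pool = m.groups()
            cfg["global"][(iface, int(nat_id))] = pool
    return cfg


def translated_source(cfg, src, ingress, egress):
    """Source address the host behind 'egress' sees for a packet from 'src'
    that arrived on 'ingress': first 'nat (ingress) N' match whose id has a
    'global (egress) N' pool; otherwise the packet leaves untranslated."""
    src = ipaddress.ip_address(str(src))
    for iface, nat_id, net in cfg["nat"]:
        if iface != ingress or nat_id == 0 or src not in net:
            continue
        pool = cfg["global"].get((egress, nat_id))
        if pool == "interface":
            return cfg["ifaces"][egress]
        if pool:
            return ipaddress.ip_address(pool.split("-")[0])
    return src


def next_hop(routes, dst):
    """Longest-prefix match over [(network, gateway)]; None gateway = on-link."""
    dst = ipaddress.ip_address(str(dst))
    best = None
    for net, gw in routes:
        net = ipaddress.ip_network(net)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gw)
    return best[1] if best else None


def reply_reaches_asa(cfg, egress, routes, reply_dst):
    """True when the host's reply is sent to the ASA interface address on-link
    or via the ASA as gateway; otherwise the SYN/ACK goes elsewhere and the
    connection times out (the 'SYN failure' from the original post)."""
    asa_ip = cfg["ifaces"][egress]
    gw = next_hop(routes, reply_dst)
    if gw is None:
        return ipaddress.ip_address(str(reply_dst)) == asa_ip
    return ipaddress.ip_address(gw) == asa_ip


def analyse(config_text, pool_host="192.168.100.5"):
    """(source address seen by a corporate host, whether its reply returns via the ASA)."""
    cfg = parse_config(config_text)
    seen = translated_source(cfg, pool_host, "outside", "corporate")
    return str(seen), reply_reaches_asa(cfg, "corporate", CORP_HOST_ROUTES, seen)


if __name__ == "__main__":
    for label, text in (("before fix", BASE_CONFIG), ("after fix", BASE_CONFIG + FIX)):
        seen, ok = analyse(text)
        print(f"{label}: corporate host sees source {seen}; reply returns via ASA: {ok}")
```

Under these assumptions the pool address reaches the corporate host unchanged before the fix and the reply is sent to the corporate router instead of the ASA; after the fix the host sees 10.2.195.28 and answers the ASA directly. If the real cause was something else (for example an ACL or a host firewall), the same model would still show the translation but not the failure, so treat it as a way to reason about return paths, not as a verdict on the thread.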