10-23-2006 05:04 AM - edited 02-21-2020 02:40 PM
Hi all...
I have set up my asa accepting vpn clients in from outside... My clients get their addresses from a pool 192.168.22.0/24.
ip local pool VPN_CLIENT_POOL 192.168.22.1-192.168.22.255 mask 255.255.255.0
Then I have a net that is behind another router on the LAN side that I am trying to reach:
NorAlarm(config)# sh route
S 172.16.0.0 255.255.0.0 [1/0] via 10.0.2.10, inside
I am reaching that net from the asa :
NorAlarm(config)# ping 172.16.0.13
Sending 5, 100-byte ICMP Echos to 172.16.0.13, timeout is 2 seconds:
!!!!!
but from the vpn client I am not.. I do have a route back to the vpn client net from that inside router..
C:\Documents and Settings\jpe>ping 172.16.0.13
Pinger 172.16.0.13 med 32 byte data:
Forespørsel avbrutt.
Forespørsel avbrutt.
As you can see I am not getting there. I am not sure what I do wrong here. I got the route on the vpn client also :
172.16.0.0 255.255.255.0 192.168.22.2 192.168.22.2 1
I am reaching all the servers on the inside net from my vpn clients but not on that remote net on the inside of that net again..
net :
vpn client(192.168.22.0)---ASA---inside(10.0.2.0)---router--- 172.16.0.0
Anybody who can help me understand why I am not reaching that net..
nat (inside) 0 access-list NAT-0
nat (inside) 1 0.0.0.0 0.0.0.0
access-list NAT-0 extended permit ip 10.0.2.0 255.255.255.0 192.168.22.0 255.255.255.0
access-list NAT-0 extended permit ip 172.16.0.0 255.255.0.0 192.168.22.0 255.255.255.0
access-list SPLIT_TUNNEL extended permit ip 10.0.2.0 255.255.255.0 any
access-list SPLIT_TUNNEL extended permit ip 172.16.0.0 255.255.0.0 any
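As an added example (not part of the original post or of any Cisco tool), the following script parses the nat-exemption and split-tunnel ACLs quoted above and checks whether a given VPN-client-to-server flow is covered by both. The sample config is copied from the post; the client address 192.168.22.2 and the non-covered test network 172.17.0.0/16 are constructed for the check. Both ACLs are written from the inside network toward the client pool, so both are evaluated with the server as source and the client as destination.

```python
import ipaddress

# Constructed sample: the nat-exemption and split-tunnel lines quoted in the post above.
ASA_CONFIG = """
nat (inside) 0 access-list NAT-0
nat (inside) 1 0.0.0.0 0.0.0.0
access-list NAT-0 extended permit ip 10.0.2.0 255.255.255.0 192.168.22.0 255.255.255.0
access-list NAT-0 extended permit ip 172.16.0.0 255.255.0.0 192.168.22.0 255.255.255.0
access-list SPLIT_TUNNEL extended permit ip 10.0.2.0 255.255.255.0 any
access-list SPLIT_TUNNEL extended permit ip 172.16.0.0 255.255.0.0 any
"""

def _parse_endpoint(tokens, i):
    """Consume one ACE endpoint ('any', 'host A.B.C.D' or 'A.B.C.D MASK'); return (network, next index)."""
    if tokens[i] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    if tokens[i] == "host":
        return ipaddress.ip_network(tokens[i + 1] + "/32"), i + 2
    # ASA ACLs use real subnet masks (not wildcard masks), which ip_network accepts directly.
    return ipaddress.ip_network(f"{tokens[i]}/{tokens[i + 1]}", strict=False), i + 2

def parse_acls(config):
    """Return {acl_name: [(action, src_net, dst_net), ...]} from 'access-list NAME extended ACTION ip SRC DST' lines."""
    acls = {}
    for line in config.splitlines():
        t = line.split()
        if len(t) < 6 or t[0] != "access-list" or t[2] != "extended" or t[4] != "ip":
            continue  # only plain 'ip' ACEs are modelled; protocol/port ACEs are skipped
        src, i = _parse_endpoint(t, 5)
        dst, _ = _parse_endpoint(t, i)
        acls.setdefault(t[1], []).append((t[3], src, dst))
    return acls

def acl_permits(entries, src_ip, dst_ip):
    """First-match semantics: True if the first matching ACE permits; False on deny or no match (implicit deny)."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, src_net, dst_net in entries:
        if s in src_net and d in dst_net:
            return action == "permit"
    return False

def check_vpn_flow(config, client_ip, server_ip, nat_exempt_acl="NAT-0", split_acl="SPLIT_TUNNEL"):
    """Return (split_tunnel_ok, nat_exempt_ok) for a VPN client reaching an inside server.
    Both ACLs list the inside network as source, so the flow is evaluated server -> client."""
    acls = parse_acls(config)
    split_ok = acl_permits(acls.get(split_acl, []), server_ip, client_ip)
    nat_ok = acl_permits(acls.get(nat_exempt_acl, []), server_ip, client_ip)
    return split_ok, nat_ok

if __name__ == "__main__":
    print(check_vpn_flow(ASA_CONFIG, "192.168.22.2", "172.16.0.13"))  # (True, True)
    print(check_vpn_flow(ASA_CONFIG, "192.168.22.2", "172.17.0.5"))   # (False, False)
```

Both checks pass for 172.16.0.13, which is consistent with the poster's statement that the ASA config is not what blocks this flow and that the return path on the inside router is the next thing to verify.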
10-23-2006 07:50 AM
Hi Jenseike,
Have you not answered your own question ?
"I do have a route back to the vpn client net from that inside router.. "
Is there a route to 192.168.22.x on the inside router ?
10-23-2006 08:46 AM
yes, the route is there... routing is not the problem here...
10-23-2006 01:39 PM
cool, ok, next I'd check to see if the ASA's tunnel is working properly.... i.e. set up a packet capture on the ASA's inside interface, something like
access-list sniffer permit ip any any
capture testcap access-list sniffer interface inside
show capture testcap