
remote access VPN issue

The_guroo_2
Level 2

Guys, we have a remote Windows machine which will use L2TP over IPsec. I have successfully configured it, but I can't ping any network inside the ASA.

I have few questions

My internal network connected to my inside interface is 192.168.1.0/24 (its IP is 192.168.1.200/24).

I have created a local pool for remote users: 192.168.1.1-192.168.1.2.

Can I use it, as it's overlapping? My requirement is that when they connect they should be on the same LAN and can use the resources.

My config is as below (kindly see the NAT statements as well).

I can ping from the firewall to the client machine, but I can't from the machine to the internal network.

ip local pool L2TP-Pool 192.168.1.1-192.168.1.10
ASA(config)# object network Internal-Subnet
ASA(config-network-object)# subnet 192.168.1.0 255.255.255.0
ASA(config-network-object)# object network L2TP-Subnet
ASA(config-network-object)# subnet 192.168.1.0 255.255.255.224
nat (inside,outside) source static Internal-Subnet Internal-Subnet destination static L2TP-Subnet L2TP-Subnet no-proxy-arp route-lookup
ASA(config)# access-list Split-Tunnel-ACL standard permit 192.168.100.0 255.255.255.0
ASA(config)# crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
ASA(config)# crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
ASA(config)# crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
ASA(config)# crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
ASA(config)# crypto map L2TP-VPN-MAP interface outside
ASA(config)# crypto ikev1 enable outside
ASA(config)# crypto ikev1 policy 5
ASA(config-ikev1-policy)# authentication pre-share
ASA(config-ikev1-policy)# encryption 3des
ASA(config-ikev1-policy)# hash sha
ASA(config-ikev1-policy)# group 2
ASA(config-ikev1-policy)# lifetime 86400
ASA(config-ikev1-policy)#
ASA(config)# group-policy L2TP-Policy internal
ASA(config)# group-policy L2TP-Policy attributes
ASA(config-group-policy)# vpn-tunnel-protocol l2tp-ipsec
ASA(config-group-policy)# split-tunnel-policy tunnelspecified
ASA(config-group-policy)# split-tunnel-network-list value Split-Tunnel-ACL
ASA(config-group-policy)# intercept-dhcp enable
ASA(config-group-policy)# username petenetlive password password123 mschap
ASA(config)# tunnel-group DefaultRAGroup general-attributes
ASA(config-tunnel-general)# address-pool L2TP-Pool
ASA(config-tunnel-general)# default-group-policy L2TP-Policy
ASA(config-tunnel-general)# tunnel-group DefaultRAGroup ipsec-attributes
ASA(config-tunnel-ipsec)# ikev1 pre-shared-key 1234567890
ASA(config-tunnel-ipsec)# tunnel-group DefaultRAGroup ppp-attributes
ASA(config-ppp)# no authentication chap
ASA(config-ppp)# authentication ms-chap-v2
nat (inside,outside) source dynamic any interface
route outside 0.0.0.0 0.0.0.0 210.x.x.x.x

3 Replies

Jeet Kumar
Cisco Employee

As long as the pool IPs are not being used anywhere, you can use a pool with the same range.

Are you able to ping the inside interface of the ASA?

Do a show run man and make sure the inside interface is your management interface.

Please let me know if you can ping your inside interface.

Correct the split tunnel ACL and check it out.

From

access-list Split-Tunnel-ACL standard permit 192.168.100.0 255.255.255.0

to

access-list Split-Tunnel-ACL standard permit 192.168.1.0 255.255.255.0

________________

Best regards,
MB


Sorry, that was a typo: the access list is 192.168.1.0/24; by mistake I have written 100. Can you see what the issue is? Thanks.
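As an added example, not from the thread or from Cisco: a small Python checker that runs the three tests this thread turns on (a VPN pool overlapping the inside LAN, split-tunnel ACL coverage of that LAN, and identity-NAT coverage of the pool) over the poster's config lines, which are embedded below as constructed sample input with their CLI prompts left in. It goes a little beyond the thread by checking every standard ACL entry and every pool address rather than the one typo. The pool name, inside network and inside interface address are passed in as parameters taken from the post; the function and finding names are hypothetical.

```python
"""Sanity-check an ASA L2TP/IPsec remote-access config excerpt (added example, not Cisco tooling)."""
import ipaddress
import re

# Constructed sample: the poster's own lines, prompts included, so strip_prompt() is exercised.
SAMPLE_CONFIG = """
ip local pool L2TP-Pool 192.168.1.1-192.168.1.10
ASA(config)# object network Internal-Subnet
ASA(config-network-object)# subnet 192.168.1.0 255.255.255.0
ASA(config-network-object)# object network L2TP-Subnet
ASA(config-network-object)# subnet 192.168.1.0 255.255.255.224
nat (inside,outside) source static Internal-Subnet Internal-Subnet destination static L2TP-Subnet L2TP-Subnet no-proxy-arp route-lookup
ASA(config)# access-list Split-Tunnel-ACL standard permit 192.168.100.0 255.255.255.0
ASA(config-group-policy)# split-tunnel-policy tunnelspecified
ASA(config-group-policy)# split-tunnel-network-list value Split-Tunnel-ACL
nat (inside,outside) source dynamic any interface
"""

PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")


def strip_prompt(line: str) -> str:
    """Drop an 'ASA(config-xyz)# ' prompt so a pasted session parses like a show run."""
    return PROMPT.sub("", line.strip())


def parse_config(text: str) -> dict:
    """Pull out only the pieces that decide whether VPN clients can reach the inside LAN."""
    cfg = {"pools": {}, "objects": {}, "acls": {}, "nat_exempt_dst": [], "split_acl": None}
    current_object = None
    for raw in text.splitlines():
        words = strip_prompt(raw).split()
        if not words:
            continue
        if words[:3] == ["ip", "local", "pool"] and len(words) >= 5:
            start, end = words[4].split("-")
            cfg["pools"][words[3]] = (ipaddress.ip_address(start), ipaddress.ip_address(end))
        elif words[:2] == ["object", "network"] and len(words) >= 3:
            current_object = words[2]
        elif words[0] == "subnet" and current_object and len(words) >= 3:
            # ipaddress accepts a dotted netmask after the slash
            cfg["objects"][current_object] = ipaddress.ip_network(f"{words[1]}/{words[2]}")
        elif words[0] == "access-list" and len(words) >= 6 and words[2:4] == ["standard", "permit"]:
            cfg["acls"].setdefault(words[1], []).append(ipaddress.ip_network(f"{words[4]}/{words[5]}"))
        elif words[0] == "nat" and "destination" in words:
            i = words.index("destination")  # destination static <real> <mapped>
            if len(words) > i + 2 and words[i + 1] == "static":
                cfg["nat_exempt_dst"].append(words[i + 2])
        elif words[:2] == ["split-tunnel-network-list", "value"] and len(words) >= 3:
            cfg["split_acl"] = words[2]
    return cfg


def check_remote_access(cfg: dict, pool_name: str, inside_net: str, inside_ip: str) -> list:
    """Return (code, message) findings; an empty list means all three checks passed."""
    findings = []
    inside = ipaddress.ip_network(inside_net)
    gateway = ipaddress.ip_address(inside_ip)
    start, end = cfg["pools"][pool_name]
    pool = [ipaddress.ip_address(n) for n in range(int(start), int(end) + 1)]

    # 1. A pool carved out of the inside LAN is workable, as the reply says, only if those
    #    addresses are unused on the LAN and the ASA's own interface address is not in it.
    if any(h in inside for h in pool):
        findings.append(("POOL_OVERLAPS_LAN", "pool addresses must be unused on the inside LAN"))
    if gateway in pool:
        findings.append(("POOL_HAS_GATEWAY", "pool contains the inside interface address"))

    # 2. With split-tunnel-policy tunnelspecified the client routes only the ACL networks
    #    into the tunnel, so the inside LAN must be fully covered by some entry.
    acl = cfg["acls"].get(cfg["split_acl"], [])
    if not any(inside.subnet_of(entry) for entry in acl):
        findings.append(("SPLIT_TUNNEL_MISSES_LAN", f"{inside} is not in split-tunnel ACL {cfg['split_acl']}"))

    # 3. Every pool address must fall inside an identity-NAT destination object; otherwise
    #    the later 'nat ... source dynamic any interface' rewrites LAN replies to the outside IP.
    exempt = [cfg["objects"][name] for name in cfg["nat_exempt_dst"] if name in cfg["objects"]]
    if not all(any(h in net for net in exempt) for h in pool):
        findings.append(("NAT_EXEMPT_MISSES_POOL", "identity NAT does not cover the whole pool"))
    return findings


if __name__ == "__main__":
    for code, msg in check_remote_access(parse_config(SAMPLE_CONFIG), "L2TP-Pool",
                                         "192.168.1.0/24", "192.168.1.200"):
        print(f"{code}: {msg}")
```

Run against the posted config it reports the overlap (informational, per the reply) and the split-tunnel ACL gap; after the 192.168.100.0 entry is changed to 192.168.1.0 only the overlap note remains, and the /27 object already covers the ten pool addresses, so the NAT exemption check passes.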