I'm a newbie ,but here's what I have.
Set up ASA 5510 VPN ipsec(preshare) and relayed user authentication to our DC. I have acl set up for inside lan access and split tunnel for internet usage.
Here is my deal. When I connect via vpn client, I am able to access the local lan, netshares, intranet..etc(good, that's what I want)....I also have proper IP from the VPN pool created...I can even ping inside (DC ..users..etc) I just can't see the vpn client (user that is logged in remotely) from the inside at all (from dns or vpn pool generated IP)...I can't ping them or anything.
I'd like to see these guys when they are on the lan like a normal user on the lan. I'm sure you guys can throw some suggestions at me.
Basically I can't see my users when they are logged into the VPN, but they can see everything on the LAN. Their firewalls are down..etc. Need to see them for troubleshooting remotely amongst other things.