I have a 5505 that I've successfully setup an IPSEC connection up to. It is using NT authentication against Active Directory to authenticate. After I connect, I can access everything on the remote (internal) network. I can not access anything on the internet.
Anything behind the ASA can get to the internet, it's the vpn clients that can't get back out.
The syslog messages show the vpn clients buiding up and tearing down ICMP connections if they are trying to ping externally, but they get no response.
I know it's most likely an ACL or NAT statement that I'm missing, any ideas?
You have 2 options.
Split tunneling, unencrypted access to internet.
Public internet on a stick, internet traffic is tunneled to outside of ASA and back out.
same-security-traffic permit intra-interface
global (outside) 1 interface
nat (outside) 1