I am currently using an ASA5520 and the ASDM app to configure VPN clients in split-tunnel mode. As of now remote clients can access the internal network of the ASA, their own local LAN and the Internet. I have static routes on the ASA so that it can get to other internal networks. I have also added these internal networks to the split-tunnel list thinking that this would allow my clients to get to those networks but it isn't working. I can see the remote networks added to the clients route table but pings and traces die at the ASA and go no further. What I'm I missing here?
not it is not because ASDM and ASA have no idea what inernal networks u have u might have tens of internal networks through routers connected to inside or DMZ so i see it is better to do it manuly to have control which network can the vpn client communicate with and which not
hope this helpful