We have an IP pool allocated on the firewall (ASA 5520) for remote access VPN. VPN users can access all internal resources with the exception of the following segments:
192.168.200.0/24
There are no ACLs on the VLAN interface to block this traffic; the problem appears to be on the firewall. Here's all the nonat I have for the IP pool segment (10.20.50.0/24):
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.20.99.0 255.255.255.0 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.4.0 255.255.255.0 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.200.0 255.255.255.0 10.20.50.0 255.255.255.0
Again, the routing is not the problem.
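
An added example, not part of the original post: a small Python check that parses the `inside_nat0_outbound` lines quoted above, reports which entry is the first match for a given source/destination pair, and lists entries that an earlier entry already covers. The function names are hypothetical, and it assumes every entry is `permit ip`, as in the post.

```python
import ipaddress

# ACL lines copied verbatim from the post.
ACL = """\
access-list inside_nat0_outbound extended permit ip 10.0.0.0 255.0.0.0 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.20.99.0 255.255.255.0 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip any 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.4.0 255.255.255.0 10.20.50.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.200.0 255.255.255.0 10.20.50.0 255.255.255.0
"""

def _take_net(tok):
    # Consume one address spec: 'any', 'host A', or 'A MASK'.
    if tok[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tok[1:]
    if tok[0] == "host":
        return ipaddress.ip_network(tok[1] + "/32"), tok[2:]
    return ipaddress.ip_network(f"{tok[0]}/{tok[1]}"), tok[2:]

def parse_acl(text):
    """Return [(src_net, dst_net)] for each extended ACE, in order."""
    entries = []
    for line in text.splitlines():
        t = line.split()
        if len(t) < 7 or t[0] != "access-list" or t[2] != "extended":
            continue
        src, rest = _take_net(t[5:])   # t[3] = action, t[4] = protocol
        dst, _ = _take_net(rest)
        entries.append((src, dst))
    return entries

def first_match(entries, src, dst):
    """1-based index of the first ACE covering all of src -> dst, else None."""
    s, d = ipaddress.ip_network(src), ipaddress.ip_network(dst)
    for i, (es, ed) in enumerate(entries, 1):
        if s.subnet_of(es) and d.subnet_of(ed):
            return i
    return None

def shadowed(entries):
    """1-based indexes of ACEs fully covered by an earlier ACE."""
    return [i + 1 for i, (s, d) in enumerate(entries)
            if any(s.subnet_of(ps) and d.subnet_of(pd)
                   for ps, pd in entries[:i])]

if __name__ == "__main__":
    aces = parse_acl(ACL)
    print("first match:", first_match(aces, "192.168.200.0/24", "10.20.50.0/24"))
    print("shadowed entries:", shadowed(aces))
```
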