I am sure I am overlooking something very simple, so I am hoping for a second set of eyes that will clue me in on where I am going wrong.
Basically I have a Cisco client remote accessing into a 5510. Authentication works fine, secured routes info shows correctly in my client, client reports that traffic is being encrypted, but I can't access any of the resources over the tunnel. Attached is a file of the configuration and an output of a #sh crypto ipsec sa peer x.x.x.x command that shows traffic is not being passed. Thanks for the help in advance.
Btw, L2L configuration works fine.
I see (from your split tunnel ACL) that you are trying to pass some traffic to some internal networks that are not in your NAT exemption ACLs (no-nat-inside, no-nat-dmz). Make sure in those no-nat ACLs you permit from the "inside" to the VPN client pool.
Other common causes:
- Your internal routers may not have a route towards the ASA for the VPN client pool
- Access-lists applied to the interfaces (show run access-group) may not permit the traffic from the "inside" network to the VPN clients
- Configure split-dns under the group-policy for your internal domain names
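
The NAT exemption check suggested in the reply above can be automated. This is an added example, not code from the thread or from Cisco: a Python script that lists every split-tunnel network lacking a no-nat entry towards the VPN client pool. The sample config, the ACL name split-tunnel, the addresses and the pool 10.99.0.0/24 are constructed assumptions, and only "network mask" ACL entries are parsed.

```python
import ipaddress

# Constructed sample config (not the poster's attachment). The ACL name
# "split-tunnel", all addresses and the pool 10.99.0.0/24 are assumptions.
SAMPLE_CONFIG = """\
access-list split-tunnel standard permit 10.1.0.0 255.255.0.0
access-list split-tunnel standard permit 10.2.0.0 255.255.0.0
access-list split-tunnel standard permit 172.16.5.0 255.255.255.0
access-list no-nat-inside extended permit ip 10.1.0.0 255.255.0.0 10.99.0.0 255.255.255.0
access-list no-nat-dmz extended permit ip 172.16.5.0 255.255.255.0 10.99.0.0 255.255.255.0
access-list no-nat-inside extended permit ip 10.2.0.0 255.255.0.0 192.168.50.0 255.255.255.0
"""


def net(addr, mask):
    """Build a network object from ASA-style 'address netmask' fields."""
    return ipaddress.ip_network(f"{addr}/{mask}")


def split_networks(config, acl):
    """Networks permitted by a standard split-tunnel ACL."""
    out = []
    for line in config.splitlines():
        f = line.split()
        if len(f) == 6 and f[:4] == ["access-list", acl, "standard", "permit"]:
            out.append(net(f[4], f[5]))
    return out


def exempt_pairs(config, acls):
    """(source, destination) pairs permitted by the NAT exemption ACLs."""
    out = []
    for line in config.splitlines():
        f = line.split()
        if (len(f) == 9 and f[0] == "access-list" and f[1] in acls
                and f[2:5] == ["extended", "permit", "ip"]):
            out.append((net(f[5], f[6]), net(f[7], f[8])))
    return out


def missing_exemptions(config, split_acl, nonat_acls, pool):
    """Split-tunnel networks with no exemption entry towards the VPN pool."""
    pool = ipaddress.ip_network(pool)
    pairs = exempt_pairs(config, nonat_acls)
    return [n for n in split_networks(config, split_acl)
            if not any(n.subnet_of(s) and pool.subnet_of(d) for s, d in pairs)]


if __name__ == "__main__":
    acls = ["no-nat-inside", "no-nat-dmz"]
    for n in missing_exemptions(SAMPLE_CONFIG, "split-tunnel", acls, "10.99.0.0/24"):
        print(f"no NAT exemption from {n} to the VPN pool")
```

In the sample, 10.2.0.0/16 is flagged because its only no-nat entry points at a different destination network, not at the client pool.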