I'm in the process of setting up a VPN. The setup is easy, but ACLs can be rather difficult to get working correctly even when something is missing. It seems I can ping and access my server network. I can access and ping my core switch with no problems. Anything past that I cannot reach, ping or access.
I've gone as far as creating a Standard ACL to an Extended, and neither will work.
What is missing to make this work correctly?
Assuming that the network that you are trying to access is connected to the ASA inside interface.
So if you run the command: "sh run nat", you should see a NAT exemption statement as follows:
nat (inside) 0 access-list
On that access-list, you should add an access-list line that says to permit from source: the network behind the core switch that you were trying to access, towards the VPN IP pool subnet.
And on your core switch, if the ASA is not the default gateway, you would need to add a route for the IP pool subnet towards the ASA.
Hope that helps.
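Added example, not part of the original answer: a small Python check that reads saved ASA configuration text and lists which inside networks have no NAT exemption toward the VPN pool, which is the gap the answer describes. The ACL name `NONAT`, every subnet and the function names are assumptions made up for illustration; the parser only handles `permit ip <net> <mask> <net> <mask>` entries.

```python
import ipaddress
import re

# Constructed sample in the pre-8.3 "nat 0" style the answer quotes.
# The ACL name NONAT and all addresses are assumptions, not from the thread.
SAMPLE_CONFIG = """\
access-list NONAT extended permit ip 10.10.10.0 255.255.255.0 192.168.50.0 255.255.255.0
nat (inside) 0 access-list NONAT
nat (inside) 1 0.0.0.0 0.0.0.0
"""

ACE = re.compile(r"^access-list (\S+) extended permit ip (\S+) (\S+) (\S+) (\S+)$")
NAT0 = re.compile(r"^nat \((\S+)\) 0 access-list (\S+)$")


def exempt_pairs(config, interface="inside"):
    """Return (source, destination) networks exempted from NAT on the interface."""
    lines = [line.strip() for line in config.splitlines()]
    # ACLs referenced by "nat (<interface>) 0 access-list <name>"
    acl_names = set()
    for line in lines:
        m = NAT0.match(line)
        if m and m.group(1) == interface:
            acl_names.add(m.group(2))
    pairs = []
    for line in lines:
        m = ACE.match(line)
        if m and m.group(1) in acl_names:
            src = ipaddress.ip_network(f"{m.group(2)}/{m.group(3)}")
            dst = ipaddress.ip_network(f"{m.group(4)}/{m.group(5)}")
            pairs.append((src, dst))
    return pairs


def missing_exemptions(config, inside_networks, vpn_pool):
    """List inside networks with no exemption entry covering traffic to the pool."""
    pool = ipaddress.ip_network(vpn_pool)
    pairs = exempt_pairs(config)
    missing = []
    for net in map(ipaddress.ip_network, inside_networks):
        covered = any(net.subnet_of(s) and pool.subnet_of(d) for s, d in pairs)
        if not covered:
            missing.append(str(net))
    return missing


if __name__ == "__main__":
    # 10.10.10.0/24 plays the server network, 10.20.0.0/24 the one behind the core switch.
    print(missing_exemptions(SAMPLE_CONFIG, ["10.10.10.0/24", "10.20.0.0/24"], "192.168.50.0/24"))
```

With the sample above, only the network behind the core switch is reported, matching the symptom in the question; the return route on the core switch still has to be checked separately.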