One of our clients currently has an ASA 5510 on site, and they are using IPsec VPN for their mobile users to connect.
The VPN Subnet is 172.16.1.0/24.
Internal network is 192.0.0.0/24. VPN Access works fine to the 192 subnet.
Private network behind the firewall is 162.xx.xx.0/16.
Recently, we added an internal router for one of their departments to have secure access to the private network. There is another managed router on-site to connect to this private network that we have no access to change. We are connecting to the private network through the client's internal router and NAT-ing their internal network to the private network subnet. That is also working fine.
The issue is that I also need to route the VPN subnet to the private network. I have attempted to add the private network subnet to the split tunnel list, and I can get as far as pinging the managed router interface at 162.xx.xx.1, but it goes no further than that.
I tried adding the 172 subnet to the NAT statements but that didn't get me anywhere.
What am I missing? See my 5-minute Visio diagram for a better picture.