i can connect a users ipad just fine using anyconnect however they can not connect to any resource on the company network.
i found that the users home network was also using 192.168.1.xxx the same as my company's network. my firewall is assiging 172.16.16.xxx to vpn clients.
if i change my users home network to something other than 192.168.1.xxx eg 10.0.0.1, then i can connect to our intrAnet page at work, we can rdp to workstations etc.
my only problem with this work around is 1. im not about to change my companies internal ip scheme just for 1 or 2 users.
2. these users will likely use internet from different locations, which most access points are 192.168.1.xxx ip schemes at hotels and confrence centers etc.
so is their any way to force the i-pad to send all trafic over the vpn tunnel?
here is some maybe important info
not using certificates (no connect on demand)
not split tunneling, so web browsing on home internet not allowed while connected to vpn
using rsa tokens
asa 5500 firewall
my ssl is self signed not a store bought one from verisign or something like that.
thanks in advance for any info.