Activating a split-tunnel configuration managed to kill VPN access to hosts on the inside interface completely (as in, a logged-in VPN user can no longer ping or RDP to a host on the inside). Did I miss something at 4am? Bug in 9.0(2)? It worked before adding the split-tunnel config...
Well, the suggested configurations should do the trick. We really need more information about what the situation is when you are connected with the VPN Client.
Can you show us the Secured Routes (or similar) section of the VPN Client when it's connected? Could you also show the Statistics page after you have tested connectivity so we can see if any traffic is actually forwarded to the VPN connections?
You could also use the following commands on the ASA when you have connected with the VPN Client and have tested some connections:
show crypto ipsec sa
Have you tried connections to multiple hosts on the LAN so that the problem is not for example a single server that you cannot access?
Also, just to make sure, can you list the following configurations again