NAT only works on packets that enter the router on an interface with "ip nat inside" configured, and leave the router on an interface with "ip nat outside" configured on it. Your traffic is not doing this and therefore is not NAT'd.
You can change your VPN pool of addresses to be valid routable IP addresses and this'll get around this problem.
A better way is just to configure split tunnelling, then Internet-based traffic will be sent straight out to the Internet in the clear, rather than use up your router cycles.
NAT works only when the ingress interface has "ip nat inside" and egress has "ip nat outside" or if you configure NAT on a Stick using policy based routing. In this case the encrypted traffic enters the router via S0/0. You can try using either one of these options.
Configure the IPSec VPN client termination to the router in such a way that the tunnel terminates on an interface other than the one used for the Internet access. In this case an 'ip nat inside' on the inbound and "ip nat outside" on the egress would help.
In the present scenario you can try and configure NAT on a Stick and use PBR to route the traffic to hit a loopback interface configured with 'ip nat inside', and the egress with 'ip nat outside'.
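
The NAT on a Stick option from the reply above, sketched as an IOS configuration; this is an added example, not configuration posted in the thread. Only S0/0 comes from the thread: the VPN pool 192.168.50.0/24, the Loopback0 addressing, the ACL numbers and the route-map name are constructed placeholders.

```cisco
! Constructed values (assumptions, not from the thread):
!   VPN client pool  192.168.50.0/24
!   Loopback0        10.11.0.1/30
!   ACLs 144 and 145, route-map VPN-CLIENT-NAT
! Serial0/0 is the Internet-facing interface named in the thread.
!
! Loopback that acts as the NAT "inside" interface
interface Loopback0
 ip address 10.11.0.1 255.255.255.252
 ip nat inside
!
! Interface that both terminates the VPN and faces the Internet
interface Serial0/0
 ip nat outside
 ip policy route-map VPN-CLIENT-NAT
!
! Traffic sourced from the VPN pool, seen after decryption
access-list 144 permit ip 192.168.50.0 0.0.0.255 any
!
! The next hop is an address in the loopback subnet that is not the
! loopback's own address, so the packet is routed via Loopback0 and
! counts as arriving on an "ip nat inside" interface
route-map VPN-CLIENT-NAT permit 10
 match ip address 144
 set ip next-hop 10.11.0.2
!
! Translate the VPN pool to the Serial0/0 address on the way out
access-list 145 permit ip 192.168.50.0 0.0.0.255 any
ip nat inside source list 145 interface Serial0/0 overload
```

With a client connected and browsing, `show ip nat translations` should list entries whose inside local addresses come from the VPN pool, and `show route-map VPN-CLIENT-NAT` should show the policy-routing match counters increasing.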