remote access vpn error no.#305005

i have ASA5510 preloaded with asa708 IOS, and I upgraded to version 802 and configured it for remote access  VPN
When i tested the remote access vpn ( to use remote desktop or telnet service for the remote user over the LAV equipment). when i connect to the ASA using VPN client, i can connect normally but cannot access any of the LAN resources ( cannot ping or telnet any network device or remote desktop any pc) and always get SYSlog ID error no. 305005, which says" no translation group found icmp src outside:XXXX dst inside:XXXX(type8, code0". so can anyone help me.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

mohamedzidanAuthor Commented:
thanks to help me
it means:

A packet does not match any of the outbound nat command rules

This message indicates a configuration error. If dynamic NAT is desired for the source host, ensure that the nat command matches the source IP address. If static NAT is desired for the source host, ensure that the local IP address of the static command matches. If no NAT is desired for the source host, check the ACL bound to the NAT 0 ACL.
mohamedzidanAuthor Commented:
ihave two local subnet, for data and for voice. i have configured remote access vpn which should use nat 0 , and also configured site2site vpn ( for remote subnets for data and for voice).
the remote access user ip is
i have included below the configuration, so could you check it
remote users ( should be able to reach all local lan resources without NAT, NAT 0.

ASA Version 8.0(2)
hostname ciscoasa
enable password 2KFQnbNIdI.2KYOU encrypted
interface Ethernet0/0
 nameif OUTSIDE
 security-level 0
 ip address
interface Ethernet0/1
 no nameif
 no security-level
 no ip address
interface Ethernet0/2
 no nameif
 no security-level
 no ip address
interface Ethernet0/3
 nameif INSIDE
 security-level 100
 ip address
interface Management0/0
 nameif management
 security-level 100
 no ip address
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
clock timezone EET 2
object-group network DM_INLINE_NETWORK_1
object-group network DM_INLINE_NETWORK_2
object-group network DM_INLINE_NETWORK_3
access-list OUTSIDE_1_cryptomap extended permit ip object-group DM_INLINE_NETWORK_1 object-group DM_INLINE_NETWORK_2
access-list INSIDE_nat0_outbound extended permit ip object-group DM_INLINE_NETWORK_1 object-group DM_INLINE_NETWORK_2
access-list OUTSIDE_access_in extended permit ip any host
access-list OUTSIDE_access_in extended permit icmp any any
access-list INSIDE_access_in extended permit ip any host
access-list INSIDE_access_in extended permit ip object-group DM_INLINE_NETWORK_3 any
pager lines 24
logging enable
logging asdm informational
mtu OUTSIDE 1500
mtu INSIDE 1500
mtu management 1500
ip local pool VPN-Remote mask
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-602.bin
no asdm history enable
arp timeout 14400
global (OUTSIDE) 1 interface
nat (INSIDE) 0 access-list INSIDE_nat0_outbound
nat (INSIDE) 1
static (INSIDE,OUTSIDE) netmask
access-group OUTSIDE_access_in in interface OUTSIDE
access-group INSIDE_access_in in interface INSIDE
route OUTSIDE 1
route INSIDE 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map OUTSIDE_map 1 match address OUTSIDE_1_cryptomap
crypto map OUTSIDE_map 1 set peer A.B.C.12
crypto map OUTSIDE_map 1 set transform-set ESP-3DES-SHA
crypto map OUTSIDE_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map OUTSIDE_map interface OUTSIDE
crypto isakmp enable OUTSIDE
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
no crypto isakmp nat-traversal
telnet INSIDE
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address INSIDE
dhcpd dns A1.B1.C1.25 A1.B1.C1.9 interface INSIDE
dhcpd enable INSIDE
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset_dns_map
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
service-policy global_policy global
group-policy HQRemoteAccess internal
group-policy HQRemoteAccess attributes
 vpn-tunnel-protocol IPSec
username test1 password k83iXWPan0Gg1s04 encrypted
username test1 attributes
 vpn-group-policy HQRemoteAccess
 vpn-tunnel-protocol IPSec
 group-lock value HQRemoteAccess
 service-type remote-access
username test password k83iXWPan0Gg1s04 encrypted privilege 0
username test attributes
 vpn-group-policy HQRemoteAccess
username mohamed password jKn1JfNi/RZnOey9 encrypted privilege 15
username mohamed attributes
 vpn-group-policy HQRemoteAccess
 vpn-tunnel-protocol IPSec
 group-lock value HQRemoteAccess
tunnel-group A.B.C.12 type ipsec-l2l
tunnel-group A.B.C.12 ipsec-attributes
 pre-shared-key *******
tunnel-group HQRemoteAccess type remote-access
tunnel-group HQRemoteAccess general-attributes
 address-pool VPN-Remote
 default-group-policy HQRemoteAccess
tunnel-group HQRemoteAccess ipsec-attributes
 pre-shared-key *******
prompt hostname context
: end


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet Protocol Security

From novice to tech pro — start learning today.