<div>
Add the following to your config<br />
<br />
access-list outside_access_in permit ip 10.11.12.0 255.255.255.0 10.1.1.0 255.255.255.224 <br />
<br />
<br />
See if it works. Make sure the firewall on PC behind your PIX is configured to allow ICMP.
</div>


Add the following to your config

access-list outside_access_in permit ip 10.11.12.0 255.255.255.0 10.1.1.0 255.255.255.224


See if it works. Make sure the firewall on PC behind your PIX is configured to allow ICMP.

<div>
<a href="http://www.petenetlive.com/KB/Article/0000066.htm" rel="ugc">Cisco ASA - Enable Split Tunnel for IPSEC / SSLVPN / WEBVPN Clients</a><br />
<br />
Add<br />
<br />
vpngroup sscadm1n2 split-tunnel RemoteVPN_splitTunnelAcl<br />
access-list RemoteVPN_splitTunnelAcl permit ip 10.1.1.0 255.255.255.224 any<br />
<br />
<br />
Should do you<br />
<br />
Pete
</div>


Cisco ASA - Enable Split Tunnel for IPSEC / SSLVPN / WEBVPN Clients [http://www.petenetlive.com/KB/Article/0000066.htm]

Add

vpngroup sscadm1n2 split-tunnel RemoteVPN_splitTunnelAcl
access-list RemoteVPN_splitTunnelAcl permit ip 10.1.1.0 255.255.255.224 any


Should do you

Pete

<div>
Hi Pete:<br />
<br />
I put your commands in but they had to be put in reverse order. &nbsp;I've attached the current config. &nbsp;Is this what it should look like? &nbsp;Also, what can I get rid of?<br />
David<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/01_w03/628760/config2.docx" target="_blank" class="file-inline" title="running config (30 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>config2.docx</a>
</div>


Hi Pete:

I put your commands in but they had to be put in reverse order.  I've attached the current config.  Is this what it should look like?  Also, what can I get rid of?
David
config2.docx [https://filedb.experts-exchange.com/incoming/2013/01_w03/628760/config2.docx]

config2.docx

<div>
<div class="content wysiwyg-content">
I have a production ASA which is configured for client vpn. &nbsp;The VPN works; however, when initiated I cannot see my local lan or the internet. &nbsp;I enabled split tunneling through the GUI and was still unable to see my local network.<br />
<br />
I have disabled split tunneling and attached a copy of the running config. &nbsp;It is a bit confusing as there are some unsuccessful VPN attempts still in the config.<br />
<a href="https://filedb.experts-exchange.com/incoming/2013/01_w03/628563/config.docx" target="_blank" class="file-inline" title="running config (21 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>config.docx</a>
</div>
</div>


config.docx

I have a production ASA which is configured for client vpn.  The VPN works; however, when initiated I cannot see my local lan or the internet.  I enabled split tunneling through the GUI and was still unable to see my local network.

I have disabled split tunneling and attached a copy of the running config.  It is a bit confusing as there are some unsuccessful VPN attempts still in the config.

VPN Split Tunnel Cisco ASA

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).