Cisco ASA 5510 Remote Access VPN - inside2 LAN not reachable after connecting to the ASA

Hi guys,

I am relatively new to Cisco ASA and i recently configured a remote access VPN to the ASA (with split-tunnel), the VPN works fine (i manage to connect).
The problem is that the inside2 network is not reachable while i am on the ASA using the rem-access-vpn, but the inside2 network (10.1.11.0/24 apears in my Windows route print).

Here are some of the configs:
!
ip local pool REMOTE_ASCADE_POOL 192.168.200.1-192.168.200.254 mask 255.255.255.0
!
nat (outside) 2 192.168.200.0 255.255.255.0
!
crypto dynamic-map ASCADE-REM-ACCESS 20 set transform-set aes256-sha
!
crypto ipsec transform-set aes256-sha esp-aes-256 esp-sha-hmac
!
group-policy REMOTE_ASCADE_POLICY internal
group-policy REMOTE_ASCADE_POLICY attributes
 banner value UNAUTORIZED ACCESS IS STRICTLY PROHIBITED
 banner value ===ASCADE REMOTE ACCESS VPN===
 dns-server value 8.8.8.8 4.2.2.2
 vpn-tunnel-protocol IPSec
 split-tunnel-policy tunnelspecified
!
username ascade attributes
 vpn-group-policy REMOTE_ASCADE_POLICY
 vpn-tunnel-protocol IPSec
!
tunnel-group REMOTE_ASCADE_GROUP type remote-access
tunnel-group REMOTE_ASCADE_GROUP general-attributes
 address-pool REMOTE_ASCADE_POOL
 default-group-policy REMOTE_ASCADE_POLICY
!
interface Ethernet0/1
 description asa-1 inside -> 6504-1 int gi4/21
 speed 1000
 duplex full
 nameif inside
 security-level 100
 no ip address
ASA-5510/sec/act#
ASA-5510/sec/act# sh run int e0/1.500
!
interface Ethernet0/1.500
 description AscadeSQL
 vlan 500
 nameif inside2
 security-level 100
 ip address 10.1.11.1 255.255.255.0 standby 10.1.11.2
!
Catza25Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

NetExpert Network Solutions Pte LtdTechnical SpecialistCommented:
Have you added no nat statement for your remote access VPN subnet from your inside2 network

Can u paste your paste your nat statements here
0
Catza25Author Commented:
!
nat (outside) 1 192.168.100.0 255.255.255.0
nat (outside) 2 192.168.200.0 255.255.255.0
!
global (outside) 1 interface
!
0
NetExpert Network Solutions Pte LtdTechnical SpecialistCommented:
You might need to NAT exemption for the VPN subnet

access-list VPN extended permit ip 10.1.11.0 255.255.255.0 192.168.200.0 255.255.255.0

nat (inside2) 0 access-list VPN
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.