Cisco ASA 5505 split tunneling enabled, still can't ping

I set up a Cisco ASA 5505 for remote access, and a point to point to a colocation facility. Recently local lan access was not working so I configured the split tunnel access list. Local Lan access now works but when connected to the vpn I still cannot ping anything on the opposite side of the tunnel. I could never ping anything on the other side. Can anyone look at my config and tell me what I have configured wrong? The main office is using 192.168.10.x. The VPN dhcp pool

192.168.11.x. The co-location facility uses 192.168.4.x. here is my config. Thanks in advance:

Result of the command: "show running-config"

: Saved : ASA Version 7.2(3) ! hostname CompanyX domain-name DOMAIN.COM enable password 69YOKWVnTsvFTsnn encrypted names ! interface Vlan1 nameif inside security-level 100 ip address ! interface Vlan2 nameif outside security-level 0 ip address 64.x.x.x ! interface Vlan3 shutdown no forward interface Vlan1 nameif dmz security-level 50 no ip address ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! passwd 2KFQnbNIdI.2KYOU encrypted ftp mode passive dns server-group DefaultDNS domain-name DOMAIN.COM same-security-traffic permit inter-interface same-security-traffic permit intra-interface access-list CompanyX_splitTunnelAcl standard permit access-list CompanyX_splitTunnelAcl standard permit access-list CompanyX_splitTunnelAcl standard permit 64.x.x.x access-list CompanyX_splitTunnelAcl standard permit access-list inside_nat0_outbound extended permit ip any access-list inside_nat0_outbound extended permit ip any access-list outside_1_cryptomap extended permit ip pager lines 24 logging asdm informational mtu inside 1500 mtu outside 1500 mtu dmz 1500 ip local pool RemoteClientPool mask icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-523.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 route outside 64.71.x.x 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute http server enable http 65.x.x.x outside http 67.x.x.x outside http inside http 67.x.x.x outside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs crypto map outside_map 1 set peer 65.x.x.x crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 client-update enable telnet timeout 5 ssh 65.x.x.x outside ssh 67.x.x.x outside ssh timeout 5 console timeout 0 dhcpd address inside dhcpd dns 64.x.x.x interface inside dhcpd wins interface inside dhcpd lease 86400 interface inside dhcpd ping_timeout 10000 interface inside dhcpd domain DOMAIN.COM interface inside dhcpd enable inside !

! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp ! service-policy global_policy global group-policy CompanyX internal group-policy CompanyX attributes wins-server value dns-server value vpn-tunnel-protocol IPSec split-tunnel-policy tunnelspecified split-tunnel-network-list value CompanyX_splitTunnelAcl default-domain value DOMAIN.COM USERNAMES REMOVED vpn-group-policy CompanyX tunnel-group CompanyX type ipsec-ra tunnel-group CompanyX general-attributes address-pool RemoteClientPool default-group-policy CompanyX tunnel-group CompanyX ipsec-attributes pre-shared-key * tunnel-group 65.x.x.x type ipsec-l2l tunnel-group 65.x.x.x ipsec-attributes pre-shared-key * prompt hostname context Cryptochecksum:4cce7fd8f7f56356c9d862d80d64aeac : end

Reply to
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.