From the ASDM configure the following;
- Click 'Configuration'
- Then 'Group Policy'
- Select the policy which you want to enable local LAN access, then click edit.
- Click the 'Client Configuration' tab
- Untick the 'Inherit' box for 'Split Tunnel Policy' and select 'Tunnel Network List Below'
- Untick the 'Inherit' box for 'Split Tunnel Network List' and click 'manage'
- Next click 'Add' then 'Add ACL'
- Enter a name for the ACL and press 'OK'
- Now 'Add ACE'
- Permit the IP subnet of your LAN
- Press 'OK' twice
- Make sure that for 'Split Tunnel Network List', that your ACL is selected
- Press 'OK' and send commands to ASA
In CLI mode enter the following command;
Remember to save your configuration.
I've completed the following on my Andriod phone, to download the client navigate to https://youripaddress
- Add your profile and click the slider
- ASA using a self signed certificate, you can ignore this warning;
- Select your VPN group and enter your credentials;
- Aslong as as your credentials are correct it should work;
- Test the internet connection