Question: Problem: Config works but will not pass any traffic. I cannot ping even the inside interface of the VPN tunnel or the client IP.
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname tsdfw
!
logging queue-limit 100
enable password 7 xxx
!
username userx password 7 xxx
aaa new-model
!
!
aaa authentication login vpnauthen local
aaa authorization network vpnauthor local
aaa session-id common
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
!
!
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group tsdvpn
key pass
dns xx.xx.xx.xx
domain covad.net
pool vpnpool
acl 111
!
!
crypto ipsec transform-set trans2 esp-3des esp-md5-hmac
!
crypto dynamic-map vpndyn 10
set transform-set trans2
!
!
crypto map nemap client authentication list vpnauthen
crypto map nemap isakmp authorization list vpnauthor
crypto map nemap client configuration address initiate
crypto map nemap client configuration address respond
crypto map nemap 10 ipsec-isakmp dynamic vpndyn
!
!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface Ethernet0
ip address 69.3.44.104 255.255.255.248
ip access-group 117 in
ip nat outside
no ip route-cache
no ip mroute-cache
half-duplex
crypto map nemap
!
interface FastEthernet0
description "Inside" interface with private IP Address
ip address 10.0.0.253 255.255.255.0
ip nat inside
ip route-cache policy
ip policy route-map nonat
no ip mroute-cache
speed auto
!
ip local pool vpnpool 10.0.0.50
ip nat pool outsidepool 69.3.44.105 69.3.44.105 netmask 255.255.255.248
ip nat inside source route-map nonat pool outsidepool
ip classless
ip route 0.0.0.0 0.0.0.0 Ethernet0
no ip http server
no ip http secure-server
!
!
!
ip access-list extended group-lock
!
access-list 110 deny ip 10.0.0.0 0.0.0.255 host 10.0.0.50
access-list 110 permit ip 10.0.0.0 0.0.0.255 any
access-list 117 permit esp any any
access-list 117 permit udp any any eq isakmp
access-list 120 permit ip 10.0.0.0 0.0.0.255 host 10.0.0.50
dialer-list 1 protocol ip permit
!
route-map rmap permit 10
match ip address 110
!
route-map nonat permit 10
match ip address 120
set ip next-hop 1.1.1.2
!
route-map nonat permit 20
!
radius-server authorization permit missing Service-Type
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
end
It is late, but I can't seem to figure out why this configuration does not work correctly. I connect using the Cisco VPN client, authenticate and terminate the tunnel. However, I cannot get transparent tunneling or split tunneling to work. I also cannot even ping through the tunnel. This is probably something obvious but I cannot seem to find it.
Thanks,
Troy
Answer: Problem: Config works but will not pass any traffic. I cannot ping even the inside interface of the VPN tunnel or the client IP.
Just my opinion, but simply adding firewall 'features' to a router does not turn it into a firewall. It is a router with extra features. I would not put my business behind one. My configuration example above is fairly loose, because I have two PIX firewalls behind it.