SSLVPN users need to access a network that is at the far end of a site-to-site VPN.
Lots of knobs:
- ensure there is a route from the SSLVPN interface to the remote VPN network via the VPN gateway; this will ensure that there is a policy permitting the traffic flow
- ensure that the SSLVPN Client Profile includes the remote VPN network as a Client Route
- ensure that the SSLVPN User (or the group it is a member of) has permission to access the remote VPN network (So under Users -> Local Users, I have an All LDAP Users group that is expandable. I expanded that, and under Trusted Users, I could edit the networks that the VPN users were permitted to access.)
If any one of these knobs isn't set, traffic won't flow.