Re: SSL-vpn -> LAN -> ipsec
I know that this is any old post, but there are 2 solutions for this scenario:
The first works as Toshi Esumi suggested.
The second solution is:
1- On SSL VPN side, if it's split-tunnel, you need to add RDP destination address or subnet to pass through the SSL VPN tunnel.
2- IPsec tunnel should be up and running between LAN subnet and destination subnet.
3- Configure an SSL policy where Source is "SSL root interface", and Destination the "IPsec interface". Then enable NAT and create an IPPool using a free IP address from the LAN subnet. All incoming traffic coming through SSL VPN interface trying to reach the destination subnet will be NATed by the IPPool.