I have a Cisco VPN Client (4.0.3) and can connect to my PIX 501 via IPSEc. I get an address fromn my vpn_pool but can not access the internal network, behind the PIX.

Partial config below....

access-list inside_outbound_nat0_acl permit ip any 192.168.252.0 255.255.255.0

access-list outside_cryptomap_dyn_20 permit ip any 192.168.252.0 255.255.255.0

ip local pool v_pool 192.168.252.1-192.168.252.254

nat (inside) 0 access-list inside_outbound_nat0_acl

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

sysopt connection permit-ipsec

crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac

crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20

crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5

crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map

crypto map outside_map interface outside

isakmp enable outside

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption 3des

isakmp policy 20 hash md5

isakmp policy 20 group 2

isakmp policy 20 lifetime 86400

vpngroup v_grp address-pool v_pool

vpngroup v_grp dns-server ipaddress_1 ipaddress_2

vpngroup v_grp default-domain qnworks.com

vpngroup v_grp idle-time 1800

vpngroup v_grp password ********