access from vpn remote access clients to site to site tunnel network

WILLIAM STEGMAN
Level 4

I have remote access VPN configured and a site-to-site tunnel. I'd like the remote access clients to be able to initiate a tunnel connection and have connectivity to the site-to-site tunnel network. So far I've been unable to get either. The remote access client scope is 192.168.8.0/24, the site-to-site network is 192.168.64.0/24, and the corporate WAN is 10.4.0.0/16. I'm able to connect from VPN to the corporate network and I'm able to initiate the tunnel from either side of the tunnel. My routing looks OK, and I don't see anything in the PIX's logs. PIX 7 at one end, and PIX 6.3 at the other. Here are my VPN-related access lists:

access-list nonat line 1 extended permit ip 192.168.64.0 255.255.255.0 10.4.0.0 255.255.0.0

access-list nonat line 2 extended permit ip 192.168.64.0 255.255.255.0 192.168.8.0 255.255.255.0

access-list nonat line 3 extended permit ip 10.0.0.0 255.0.0.0 192.168.8.0 255.255.255.0

access-list nonat line 4 extended permit ip 192.168.8.0 255.255.255.0 10.0.0.0 255.0.0.0

access-list nonat line 5 extended permit ip 192.168.8.0 255.255.255.0 192.168.64.0 255.255.255.0

access-list nonat line 6 extended permit ip 10.0.0.0 255.0.0.0 192.168.64.0 255.255.255.0

access-list 100 line 1 extended permit ip 192.168.64.0 255.255.255.0 10.4.0.0 255.255.0.0

access-list 100 line 2 extended permit ip 192.168.64.0 255.255.255.0 192.168.8.0 255.255.255.0

access-list 100 line 3 extended permit ip 10.4.0.0 255.255.0.0 192.168.64.0 255.255.255.0

access-list 100 line 4 extended permit ip 192.168.8.0 255.255.255.0 192.168.64.0 255.255.255.0

Does anyone have any ideas?

Thank you,

Bill

4 Replies

m.sir
Level 7

Where is the VPN for clients terminated: on PIX 6.3 or on PIX 7.0?

PIX 6.3 does not route traffic received on one interface back out the same interface. It's possible with PIX 7.0.

M.

Remote access is configured on the PIX 7.

Are we talking about "hairpinning" on the PIX? I can't seem to find much documentation for it. Nothing in the ASDM user guide, and Google only kicks back a few posts and books for sale.

I did find this:

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080552364.html#wp1042114

I entered the same-security-traffic permi intra-int command, but I see no change.
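
A way to check which of the ACL entries posted in the question a given flow hits in each direction (added example, not part of the original thread and not Cisco code). The host addresses 192.168.8.10 and 192.168.64.10 are constructed samples inside the posted ranges, and the parser handles only the `net mask net mask` entry form shown in the question.

```python
import ipaddress
import re

# ACL lines as posted in the question on this page.
ACL_TEXT = """
access-list nonat line 1 extended permit ip 192.168.64.0 255.255.255.0 10.4.0.0 255.255.0.0
access-list nonat line 2 extended permit ip 192.168.64.0 255.255.255.0 192.168.8.0 255.255.255.0
access-list nonat line 3 extended permit ip 10.0.0.0 255.0.0.0 192.168.8.0 255.255.255.0
access-list nonat line 4 extended permit ip 192.168.8.0 255.255.255.0 10.0.0.0 255.0.0.0
access-list nonat line 5 extended permit ip 192.168.8.0 255.255.255.0 192.168.64.0 255.255.255.0
access-list nonat line 6 extended permit ip 10.0.0.0 255.0.0.0 192.168.64.0 255.255.255.0
access-list 100 line 1 extended permit ip 192.168.64.0 255.255.255.0 10.4.0.0 255.255.0.0
access-list 100 line 2 extended permit ip 192.168.64.0 255.255.255.0 192.168.8.0 255.255.255.0
access-list 100 line 3 extended permit ip 10.4.0.0 255.255.0.0 192.168.64.0 255.255.255.0
access-list 100 line 4 extended permit ip 192.168.8.0 255.255.255.0 192.168.64.0 255.255.255.0
"""

ENTRY_RE = re.compile(
    r"access-list\s+(\S+)\s+line\s+(\d+)\s+extended\s+(permit|deny)\s+ip\s+"
    r"(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*$"
)

def parse_acl(text):
    """Parse 'net mask net mask' ACL lines into (name, line, action, src, dst)."""
    entries = []
    for raw in text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:  # lines in any other form (host/any/ports) are skipped
            name, line, action, src, smask, dst, dmask = m.groups()
            entries.append((name, int(line), action,
                            ipaddress.ip_network(f"{src}/{smask}"),
                            ipaddress.ip_network(f"{dst}/{dmask}")))
    return entries

def first_match(entries, acl, src, dst):
    """First (line, action) in `acl` matching src -> dst, or None if nothing matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, line, action, snet, dnet in entries:
        if name == acl and s in snet and d in dnet:
            return line, action
    return None

def coverage(entries, a, b):
    """Per ACL, the first matching entry for a -> b and for the return flow b -> a."""
    return {acl: {"fwd": first_match(entries, acl, a, b),
                  "rev": first_match(entries, acl, b, a)}
            for acl in sorted({e[0] for e in entries})}

if __name__ == "__main__":
    # Constructed sample hosts: one VPN client, one host behind the site-to-site tunnel.
    for acl, hits in coverage(parse_acl(ACL_TEXT), "192.168.8.10", "192.168.64.10").items():
        print(acl, hits)
```

For the sample client-to-remote-site flow, both lists contain a matching permit in each direction; the script checks address matching only and says nothing about whether the PIX forwards traffic back out the interface it arrived on.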