Hi all,
Before all, thanks for the help... There is the issue, the client can establish a tunnel with the PIX acting as the VPN server. However, the client can't access any resources in the inside network(Exempted by NAT and ACL). I have doubles check(enable) all the items below so far, is there something else i should try that isn't in the list below?
NAT is exempt is in placed the outbound interface
ACL in the outbound interface to permit traffic exempted by NAT
Inbound interface is still in default state(any ---> any less secure networs permt, and any ---> any deny)
RRI is enable
Same security traffic permit(intra interface)
Should I add a route on the FW to point the pool for the remote vpn user??
NO split tunnel enable.
VPN client shows statistics sent/Encrypt packet, but NO Receive/Decrypt packet(Seems GW doesn't send traffic back to the client )
NAT-T is enable in the policy in the PIX, but not on the vpn client software
When ping an inside host from the eazy vpn client, i got request timeout, but the FW log shows packet get through just fine...
Packet capture in the egress interface of the FW sees traffic from remote vpn client going to inside host... but host keep getting request timeout.
Thanks again,