Most likely (your mileage may vary), the problem is that you are trying to pass an IPSec connection through a PIX using PAT (many to one translation). The problem is that IPSec uses ESP which is not a TCP or UDP based protocol. As a result, there is no layer 4 information (port number) for the PIX to modify when PAT'ed. The PIX chokes on this and kills the connection. Some IPSec vendors get around this issue by implementing NAT traversal (or more appropriately, PAT traversal) which basically encapsulates the ESP packets in a "fake" TCP or UDP wrapper. This allows the PAT devices to modify Layer 4 information and pass the traffic. The termination device for the IPSec tunnel, simply removes this wrapper and is left with the native IPSec packet.
Now, the good news is that we added a feature in the 6.3 release of PIX code called "PAT for ESP". The 6.3 code has a new command - 'fixup protocol esp-ike' which will allow 1 (and only 1) IPSec connection through a PIX configured with PAT. This command is not enabled by default so will need to upgrade your PIX code (if not on 6.3(X) - 6.3(4) is recommended) and enable the command. Here is a link to the command reference relating to this command - http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/df.htm#wp1067379
If this doesn't apply to you, let us know as I took a highly likely stab at the cause.
Scott
