Hi,
To get Internet Access while the IPSEC VPN Client is connected to your PIX, you have two options:
A. Use split-tunneling, this configuration will tell the VPN client which traffic needs to be encrypted, everything else will be sent out the local Internet connection on the Client's end:
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml
B. Use the option of hairpining (U-Turn) on the PIX to provide Internet access to the connecting VPN Clients. The only restriction here is that your PIX needs to be running at least version 7:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml
The basic configuration for this setup is as follows:
NAT CONFIGURATION
access-list remotelan permit ip 255.255.255.0 any
nat (outside) 1 access-list remotelan
global (outside) 1 interface
U-TURN
same-security-traffic permit intra-interface
The rest of the configuration remains the same.
Regards,
Rick.