I have a VPN client try to connect to a PIX 515. I can connect from all sites, but can only ping internal devices from some locations. In both cases I get an ip address, GW, DNS. Both of the locations I'm trying use NAT/PAT (behind some firewall). I have looked in some other forum notes, there they recommed "isakmp nat-traversal". Is this a possible solution.
Config:
access-list VPN permit ip 172.16.16.0 255.255.255.0 192.168.40.0 255.255.255.0
ip address inside 172.16.16.2 255.255.255.0
ip local pool VPNKLIENTER 192.168.40.100-192.168.40.150
nat (inside) 0 access-list VPN
nat (inside) 1 172.16.0.0 255.255.0.0 0 0
sysopt connection permit-ipsec
isakmp enable outside
isakmp key xxxxx
isakmp identity address
isakmp policy 9 authentication pre-share
isakmp policy 9 encryption des
isakmp policy 9 hash md5
isakmp policy 9 group 1
isakmp policy 9 lifetime 1000
isakmp policy 10 authentication rsa-sig
isakmp policy 10 encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup vpnklienter address-pool VPNKLIENTER
vpngroup vpnklienter dns-server 172.16.16.22
vpngroup vpnklienter wins-server martin5 172.16.16.2
vpngroup vpnklienter idle-time 86400
vpngroup vpnklienter password xxx