I've got an issue which Im not sure about if its my confiuration fault or its something to do with Cisco's ASA Firewall. Network Diagram is attached for your reference.
I have got a couple of users behind Cisco ASA 5510 who use Cisco VPN Client (versions ranging from 3.6 to 4.8). They share a single IP address to Internet. ( I mean they are NATed). Now, they want to create a VPN connection to a PIX acting as VPN server. They are able to successfully create a VPN connection but they cannot ping the servers behind PIX 501. They also cannot access any services behind the PIX.
I tried the above scenario on Cisco routers and Linksys router. That works. But its not working with Cisco ASA.
Facts about the scenario:
I have done the normal NAT configurationa and its working.
They can ping the PIX 501.
They can create a VPN connection.
They CANNOT ping or access servers behind PIX.
Now, the possible reasons that I think are as below:
Something is wrong at Cisco ASA configuration because if I try to connect the PIX 501 from Dial-up, it works fine. It just doesnt works behind the ASA.
There might be some issue with NAT-Traversal. But I dont know should it be configured at ASA or on PIX?
Or simply, ASA doesnt supports Cisco VPN clients on NAT.
I would appreciate someone's help in this matter. Thanks in advance.