I have this scenario with a PIX 525 6.3, this supposedly worked at one time:
I have a device on the inside network that needs to access a remote site network through a VPN tunnel.
Inside network device is 10.11.150.1, needs to access remote device 10.79.15.3.
The remote side is supposed to see my device as a 10.91.6.1 address, I am supposed to see his 10.79.15.3 as my destination.
The tunnel never attempts to come up, none of the access-lists show any hits at all, is there something missing?
It seems like a routing issue or access-list problem, all routes are correct, the firewall can ping my device on this end, but the access-lists never get hits.
crypto map p 30 ipsec-isakmp
crypto map p 30 match address Translate
crypto map p 30 set peer 22.214.171.124
crypto map p 30 set transform-set 3dessha
static (inside,outside) 10.91.6.1 access-list translation 0 0
access-list Translation permit ip host 10.11.150.1 10.79.8.0 255.255.248.0
access-list Translate permit ip 10.91.6.0 255.255.255.240 10.79.8.0 255.255.248.0