I have a PIX 515e running 6.3(5) with multiple site-to-site vpns configured and all is well. However when a user inside my LAN tries to launch a vpn client, whether it is Cisco IPSec or MS SSL, in order to connect to a client (these clients are not part of any of our site-to-site tunnels) they cannot get a connection.
My setup is lan ->pix->2691 router-> internet.
If I put my laptop in between the pix and the router with a public address I can get to any of these clients without any problems.
I have NAT-T enabled as well as sysopt connection permit-ipsec.
With Ethereal I see traffic going out but not coming back in.