we have a remote site with 1 asa 5005 and 1 pix 501.
the pix 501 has 2 existing vpn tunnels to networks 192.168.42.0/24 and to 192.168.48.0/24.
the asa has another tunnel (easy vpn) to 192.168.1.0/24
I added an inside route on the asa to .48 and .42 networks to the inside of the pix 501 and i allowed traffic out of the same interface to be able to use the asa as a router.
The asa is the default router of the network.
When i try to ping a host on the 42 network from a workstation i get this error
portmap translation creation failed for tcp src inside:192.168.16.38/2111 dst inside:192.168.48.209/111
I think its because the asa wants to nat this traffic, so i tried to add a rule that traffic from .16 to .42 doesn?t need natting. The asa doesn?t accept this setting ( error: policy natting not possible when easy vpn client enabled)
Can somebody help me out with this please?