I have a PIX 515E and 501 acting as a hardware client. Several remote location are connected as Easy VPN clients, but one location will connect, but no traffic flows. I switched from network-extension-mode to client-mode and I can connect thru to the other network hosts.
I'm not sure why this PIX 501 one is different. There are no ACLs except what is pulled from the headend.
Any ideas where I should look?
Couple of quick comments:
1. I do not see 192.168.0.0 part of that inside_outbound_nat0_acl ACL.
2. I see a crypto map instance 40 with "incomplete" crypto map, which is actually missing a match address.
crypto map outside_map 40 ipsec-isakmp
crypto map outside_map 40 set peer 126.96.36.199
crypto map outside_map 40 set transform-set ESP-DES-MD5
Not sure if this is the current configuration from the pix. If there is a crypto map instance with a incomplete match address, all traffic will be encrypted.