I have attached the config for our PIX firewall. Any tips would be appreciated.
The problem I am having is with remote clients and the vpngroup setup on the PIX. When a client VPNs to the PIX using the vpngroup login and password, they are assigned a 192.168.99.xx IP address. The internal IP subnet for all devices behind the PIX is 192.168.0.xxx. The VPN clients can access all devices on the 192.168.0.xx subnet, but I need to be able to allow the clients to access other devices on our network that are outside the PIX. For example, I have several nodes that are assigned 192.168.20.xxx IP addresses that are outside the PIX. None of the vpngroup clients can access this subnet or any other subnet besides the internal PIX block. From any device or server behind the PIX with a 192.168.0.xx IP, I can access everything just fine.
Also, when using the Cisco PIX client, I have noticed that the machine that is VPN'd to the PIX is not using the PIX as the default gateway to the outside world. Outside traffic is still routed over the client's primary internet connection. I need to have all traffic route through the PIX. Is this possible?