I currently have a PIX 501 with remote users on VPN via the Cisco VPN Client. I have a wireless router that I'd like to put outside my PIX to allow visiting clients/associates wireless internet access without internal LAN access (those that need internal LAN can VPN through the PIX). Is this possible? If so, what ports (or other things?) on the router do I need to forward to the PIX to enable that? We connect via IPSec over UDP.