The corporate site has a PIX 515 and the remote site has a router. I have a tunnel set up from a remote site to the corporate office. I am looking for information on ACLs to apply to the dialer interface to allow IPsec/ISAKMP and all traffic from the corporate office to the remote site. Do you allow the public address of the PIX to access the remote router with IPsec/ISAKMP traffic, and the corporate private network address for POP3/SMTP and UDP?
Yes, you have to add ACLs on the dialer interface on the router.
What you would do is, assuming subnet A is behind the router and subnet B is next to the PIX:
On A you would permit A's local subnet to A's remote, i.e. permit A to B, and on the PIX just the reverse. And no, you don't define the public IP in the interesting traffic.
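
The two ACLs discussed in this thread, side by side, as an added example that is not from either poster: the crypto ("interesting traffic") ACL uses only the private subnets, while the inbound ACL on the dialer interface is where the PIX's public address appears. All addresses are constructed placeholders (subnet A = 10.1.1.0/24 behind the router, subnet B = 10.2.2.0/24 behind the PIX, PIX outside = 192.0.2.1, router dialer = 198.51.100.1), and the names VPN-MAP, TS and DIALER-IN are hypothetical.

```cisco
! --- Remote router (IOS) ---
!
! Crypto ACL: interesting traffic, private to private only (A -> B).
! The peers' public addresses do not belong here.
access-list 110 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
!
crypto map VPN-MAP 10 ipsec-isakmp
 set peer 192.0.2.1
 set transform-set TS
 match address 110
!
! Interface ACL: what may arrive on the dialer from the Internet.
ip access-list extended DIALER-IN
 ! Tunnel negotiation and encrypted payload, from the PIX public address only
 permit udp host 192.0.2.1 host 198.51.100.1 eq isakmp
 permit esp host 192.0.2.1 host 198.51.100.1
 ! Older IOS releases check the interface ACL a second time after
 ! decryption, so the clear-text B -> A traffic is permitted as well
 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
 ! Everything else is dropped and logged
 deny ip any any log
!
interface Dialer1
 ip access-group DIALER-IN in
 crypto map VPN-MAP
!
! --- Corporate PIX ---
! Mirror image of access-list 110 (B -> A). PIX ACLs take subnet
! masks, not wildcard masks:
!   access-list 110 permit ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0
!   crypto map VPN-MAP 10 match address 110
```

If the two crypto ACLs are not exact mirrors of each other, phase 2 negotiation fails or traffic is encrypted in one direction only, so compare them line by line after any change.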