Shahed, this is what I think, I believe you will not be able to connect to the local machine IP simply becuse 172.16.1.100 is not part of that tunnel, you are VPNing to the Enterprice network and LAN_PC 172.16.1.100 receives DHCP IP of 10.1.1.200 from Enterprice VPN gateway which is the NATed address for 172.16.1.100, so if you want to PING 172.16.1.100 you will do it through its NAT address which is 10.1.1.200 and stablished in that vpn tunnel, and this you have indicated a successfull PING. I can only see this feasable if you had a Lan-to-LAN VPN tunnel from (PC)LAN--->GenericRouter to VPN gateway at 2811.Ent.Network with no NAT thus 172.16.1.100 will be part of the tunnel.
For Lan-to-LAN you will need a router of firewall as a Ipsec termination point, Lan-to-LAN is not possible with vpn client you need a device that terminates a Ipsec VPN tunnel and vpn clients alone does not do that. Look into 800 series routers if this is for a small SOHO network, or even a 2801 with security 56/3DES IOS, I highly recommend ASA5505 with security pluslisence, ASA5505 basic lisence allows for up to 10 lan-to-lan vpn sessions and ranges between $350-450 depending where you buy it from , Security plus lisence add another $400 to $500. But with routers you do not have to deal much with lisencing other than optaining the right IOS code.
makesure network extension mode (nem) is enabled on your vpn setup at the terminating device.
nem emulates a L2L connection over a vpn client configuration scenario.
otherwise, the asa 5505 is probably your best bet, but you can also find the EOL cisco vpn 3002 on ebay pretty cheap. it's a hardware device, that acts like the software vpn client. but it will do network extension mode (NEM) which is the feature you're after.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...