We've got a remote site with a wireless 871w. It's configured as a site-to-site and has a guest wireless SSID. I've got a problem when a guest user accesses their VPN client back to corporate over the internet, it interferes with the site to site tunnel. The pix sees it as a duplicate address and starts to renegotiate SPI. NAT-T is on the PIX. I have 5 internet address available, if I could figure out the syntax to allow my site-to-site to use the interface IP address and the inside hosts to use another address and over load it I think it would work.
I've been looking at this to long....any help would be appreciated.