The PIX EzVPN client creates SA's from its outside interface to the remote subnet(s) for management purposes. With these you can ping from the PIX itself to anything on the remote subnets, and more importantly you can connect to the PIX outside interface securely from the remote subnets. If you are doing split tunnelling it will build one of these SA's from its outside interface to each remote network in the split tunnel list.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...