I can establish both an IKE and IPSEC tunnel with my current configs, but I know I must be missing some essential route commands because I can't ping from the .10.x subnet to the .1.x subnet nor vice-versa.
I also have no windows servers (in the .1.x subnet) visible from the .10.x subnet either.
Your configs look fine for the tunnel from what I can see. I assume the workstation that your trying to ping doesn't have problems or a software firewall preventing it from replying (XP sp2). If you had built the configs and tried immediately, its possible that the IP address you were trying to ping from/to already had NAT entries on the PIX. You would use CLEAR XLA on both firewalls to clear any existing translations.
If everything is there except for joining the domain it could just be a simple WINS problem. Might be worth double checking WINS settings on your remote network workstations to be sure they are pointing to the WINS server on the main network. LMHOSTS files can be used instead of WINS, but I don't usually go that route for a variety of reasons.
the main difference between the lan-lan vpn and ezvpn is that with lan-lan vpn, either sites are able to establish the vpn; whereas with ezvpn, only the client site can establish the vpn.
in order to determine which vpn to be deployed, you need to figure out the type of public ip on both sites. assuming both sites have static public ip, then you can choose either lan-lan vpn or ezvpn; whereas if only one of the sites has static public ip, then only ezvpn is feasible.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...