I have a network behind a 515e pix, and I need to get multiple users to connect out to a remote ipsec vpn, but I am having trouble doing it. I think that I have done everything correctly, including the configuration of nat-t, but the client software (IBM global client) always fails on key negotiation. According to the vpn provider, the error that comes up refers to a firewall error. This pix is also a vpn endpoint for multiple site to site vpns. Is that causing a problem? Also, do I need multiple ip addresses to do this, or am I fine using pat.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...