I'm in trouble setting up a connection between a PIX 501 and a VPN 3005 Concentrator. I'm using Easy VPN so the VPN 3005 does set up the parameters for the client. I can't use a classical Site-to-Site Setup because the PIX uses DSL Dialup... So I did set up NEM( Network Extension Mode) on the VPN 3005, accessing the local IPs is required for printing. The Clients are able to access the central site without problems, and they can be accessed too, as long as I don't use split tunneling. As soon as I configure a split tunnel for the networks at the central site, the remote clients can still access the central site, but can't be accessed any more.
Is there a solution / workaround for this ? Do I have to wait for an updated Version of the PIX OS / VPN Concentrator OS ???
Actually I'm using code version 6.2.2 and have the tunnel be initiated from the remote side. The problem is that split tunneling on the concentrator doesn't work. You can either activate split tunnel, so that the remote clients can access the internet, or you can activate "tunnel all traffic" so that you can access the clients from the central side. It is not possible to access them when using split tunnel, even if they initiate the tunnel setup ... Seems like a bug / missing feature to me.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...