PIX 515E v7.1 L2L PIX 501 v6.3

pixypoo76
Level 1

Greetings all,

I need some help with the following scenario. Site A is the 192.168.100.x network, with all computers' default gateway pointed to the inside interface of the PIX 515E (192.168.100.1). Site B is the 192.168.101.x network, with all computers pointed to the inside interface of the PIX 501. Is it possible to configure a site-to-site VPN between the site A PIX 515E and the site B Cisco 501 while at the same time allowing Cisco VPN clients to connect to the site A PIX 515E?

What about intersite routing? For example, can a computer in site A access a computer in site B? I know the PIX does not do routing? Do you have sample configurations that I could view, or could you point me in the right direction?

Thank you in advance!

2 Replies

grant.maynard
Level 4

Of course a PIX can do routing, it is at heart a router with enhanced security features. But it does not run IOS and supports only static routes, RIP and OSPF, and they're limited.

Off the top of my head I think you'd be needing something along the lines of:

PIX515 v7

access-list noNAT_inside permit ip 192.168.100.0 255.255.255.0 192.168.101.0 255.255.255.0
access-list VPNtoRemote permit ip 192.168.100.0 255.255.255.0 192.168.101.0 255.255.255.0
nat (inside) 0 access-list noNAT_inside
ip local pool VPNclient 192.168.0.1-192.168.0.100
crypto ipsec transform-set des-md5 esp-des esp-md5-hmac
crypto ipsec transform-set 3des-md5 esp-3des esp-md5-hmac
crypto ipsec transform-set des-sha esp-des esp-sha-hmac
crypto ipsec transform-set 3des-sha esp-3des esp-sha-hmac
crypto dynamic-map myDynamicMap 100 set transform-set 3des-sha
crypto map myCryptoMap 10 match address VPNtoRemote
crypto map myCryptoMap 10 set pfs
crypto map myCryptoMap 10 set peer PEER_IP
crypto map myCryptoMap 10 set transform-set 3des-sha
crypto map myCryptoMap 250 ipsec-isakmp dynamic myDynamicMap
crypto map myCryptoMap interface outside
isakmp enable outside
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 28800
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
tunnel-group PEER_IP type ipsec-l2l
tunnel-group PEER_IP ipsec-attributes
 pre-shared-key *
tunnel-group VPN_GROUP_USERNAME type ipsec-ra
tunnel-group VPN_GROUP_USERNAME general-attributes
 address-pool VPNclient
 default-group-policy VPN_GROUP_USERNAME
tunnel-group VPN_GROUP_USERNAME ipsec-attributes
 pre-shared-key VPN_GROUP_PASSWORD

PIX501 v6.3

access-list noNAT_inside permit ip 192.168.101.0 255.255.255.0 192.168.100.0 255.255.255.0
access-list VPNtoRemote permit ip 192.168.101.0 255.255.255.0 192.168.100.0 255.255.255.0
nat (inside) 0 access-list noNAT_inside
sysopt connection permit-ipsec
crypto ipsec transform-set des-md5 esp-des esp-md5-hmac
crypto ipsec transform-set 3des-md5 esp-3des esp-md5-hmac
crypto ipsec transform-set des-sha esp-des esp-sha-hmac
crypto ipsec transform-set 3des-sha esp-3des esp-sha-hmac
crypto map myCryptoMap 10 ipsec-isakmp
crypto map myCryptoMap 10 match address VPNtoRemote
crypto map myCryptoMap 10 set pfs
crypto map myCryptoMap 10 set peer PEER_IP
crypto map myCryptoMap 10 set transform-set 3des-sha
crypto map myCryptoMap interface outside
isakmp enable outside
isakmp key xxxxxxx address PEER_IP netmask 255.255.255.255 no-xauth no-config-mode
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 28800
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
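As an added check, not part of Grant's post or of the thread: a small Python script that parses a constructed excerpt of the two snippets above (the L2L pieces only) and flags the mistakes that most often keep such a tunnel from coming up, namely crypto ACLs that are not mirror images of each other, a nat 0 ACL that does not exempt the tunnel traffic, and transform-sets that do not agree. SITE_B is derived from SITE_A by swapping the two networks; everything else is assumed to be identical on both boxes.

```python
# Added example, not from the thread: flag the usual L2L config mistakes in the
# two PIX snippets above (constructed excerpt of the posted configs as input).
import re
ACE = re.compile(r"^access-list (\S+) permit ip (\S+) (\S+) (\S+) (\S+)$")
SITE_A = """\
access-list noNAT_inside permit ip 192.168.100.0 255.255.255.0 192.168.101.0 255.255.255.0
access-list VPNtoRemote permit ip 192.168.100.0 255.255.255.0 192.168.101.0 255.255.255.0
nat (inside) 0 access-list noNAT_inside
crypto ipsec transform-set 3des-sha esp-3des esp-sha-hmac
crypto map myCryptoMap 10 match address VPNtoRemote
crypto map myCryptoMap 10 set transform-set 3des-sha
"""
SITE_B = SITE_A.replace("192.168.100.0 255.255.255.0 192.168.101.0",
                        "192.168.101.0 255.255.255.0 192.168.100.0")

def parse(cfg):  # collect the parts of a PIX config that must agree between L2L peers
    c = {"acls": {}, "tsets": {}, "nat0": None, "map_acl": None, "map_ts": None}
    for line in cfg.splitlines():
        w = line.split()
        if m := ACE.match(line):            # one ACE: (src net, mask), (dst net, mask)
            c["acls"].setdefault(m[1], set()).add(((m[2], m[3]), (m[4], m[5])))
        elif line.startswith("nat (inside) 0 access-list"):
            c["nat0"] = w[-1]               # ACL that exempts tunnel traffic from NAT
        elif line.startswith("crypto ipsec transform-set"):
            c["tsets"][w[3]] = tuple(w[4:])  # name -> ESP proposal
        elif w[:2] == ["crypto", "map"] and "match address" in line:
            c["map_acl"] = w[-1]            # crypto ACL selecting interesting traffic
        elif w[:2] == ["crypto", "map"] and "set transform-set" in line:
            c["map_ts"] = w[-1]
    return c

def check_l2l(cfg_a, cfg_b):  # return a list of mismatches; empty means the peers agree
    a, b = parse(cfg_a), parse(cfg_b)
    problems = []
    for name, s in (("A", a), ("B", b)):
        crypto = s["acls"].get(s["map_acl"], set())
        if not crypto:
            problems.append(f"{name}: crypto map matches an undefined or empty ACL")
        if not crypto <= s["acls"].get(s["nat0"], set()):
            problems.append(f"{name}: nat 0 does not exempt all crypto-ACL traffic")
        if s["map_ts"] not in s["tsets"]:
            problems.append(f"{name}: transform-set {s['map_ts']} is not defined")
    acl_a = a["acls"].get(a["map_acl"], set())
    acl_b = b["acls"].get(b["map_acl"], set())
    if {(dst, src) for src, dst in acl_a} != acl_b:
        problems.append("crypto ACLs are not mirror images of each other")
    if a["tsets"].get(a["map_ts"]) != b["tsets"].get(b["map_ts"]):
        problems.append("ESP proposals differ between the peers")
    return problems
```

Running check_l2l(SITE_A, SITE_B) on the excerpt returns an empty list; feeding it the real running configs (show running-config on each box) is the quick way to catch a one-sided edit before digging into debug output.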

Thanks Grant. I've seen people post on different sites saying that the PIX can't do routing. In this case, all internal traffic that goes to the internet would just be routed with route inside 0.0.0.0 0.0.0.0 to the outside interface.
