Hi,
instead of using the 'alias' command for 'DNS Doctoring', you could try using the 'alias' command for 'destination nat translation'.
If have tried this from the inside to the dmz, but I am not sure it will work for inbound traffic encrypted traffic. Please try this command:
alias(outside) 55.55.192.70 10.0.1.70 255.255.255.255
I am absolutely not sure it will work, but it is worth a try. This command replaces the destination ip address of packets going to 55.55.192.70. The destination address is replaced with 10.0.1.70 when the packets go through the pix.
More info on this URL:
http://www.cisco.com/warp/public/110/alias.html
Isn't there a way for the VPN clients to connect directly to 10.0.1.70? Maybe you can setup an internal dns server that links the server's dns name to it's 10.0.1.70 address. That way the vpn clients can use this internal dns server.
Kind Regards,
Tom