It's a little hard to tell from your config, but you say that it works without the VPN. Once the VPN packet's are unencrypted and placed on the internal network, the only difference between them and between a non-encrypted packet will be the source address. The VPN packets will look like they've come from an address in your VPN pool (x.x.x.x.x.100 x.x.x.x.x.110), so you need to make sure that RouterB and the PIX have routes for these hosts that eventually point back to RouterC. To get through to the Internet also, the PIX will need a static or a nat/global pair that references this pool of addresses also.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...