I'm a little unclear about your problem as the sentences:
>concentrator is able to reach all of the >above networks without any problem.
>But client is able to ping any of the above >networks, except concentrator private >interface.
I think that you might mean NONE of the above networks.
I encountered a similar situation that I resolved by enabling nat-traversal on the device that is providing VPN access. You have not stated what these devices are, so I can't offer specifics. Make sure that isakmp is enabled for the Nat Traversal to function.
Sorry for typing the wrong sentence. Client was not able to ping above networks. But now client can reach. I didnt nothing, it suddendly started working fine with the old configuration. I am using cisco vpn concentrator that has private interface connected with dmz of pix firewall. Please tell me still i need to unable it.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...