Thanks for the response. I actually figured this out since I posted the question yesterday. However, now I have a new question. I already have a client VPN set up on the PIX (6.3, btw) and I don't want to affect the current setup. I found how to exclude xauth from site-to-site VPNs, but is there any way that you can exclude current vpngroups from xauth?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...