1. need to establish lan to lan vpn tunnel between two pix firewalls
2. need to allow inside vpn client go through the pix firewall to access other sites. and the firewall has only one ip address and do pat for inside clients
3. "fixup protocol esp-ike" and "isakmp enable outside" can't coexist on pix
is there any way to solve the problem? thks a lot