+ 0 Votes hmm TheVirtualOne 6 years ago "its always easier than you think" please explain the entire tunnel not the pix config. What is authenticating the vpn? the pix or a server? + 0 Votes Read the Question - Answer the Question CSR-TECH 6 years ago You really need the read the question before trying to answer with questions that have answers in the original question, or flipantly saying it can't be done (when it obviously can), or cut-and-pasting a "solution" which contains 95% of what he has already done. Why is your solution different from what he has done and why does this difference solve his issue? FYI, I have the exact same problem, but I am not going to add access-lists, pools, or nat statement without understanding how/why they are going to fix the issue.