Configure a PIX 501 or 506E as an Easy VPN Client
Easy VPN Client device mode and enabling Easy VPN Remote clients

Set the Easy VPN Remote device to one of two modes, client mode or network extension mode. In client mode, the remote PIX Security Appliance applies PAT to all client IP addresses connected to the inside interface. In the example in the figure, when PC 10.1.1.2 attempts connect to the server at the central site, the remote PIX translates the original PC IP address and port number using the IP address and a port number of the outside interface, port address translation. Due to the translation, the IP address of PC1 is not visible from the central site.

The other option is network extension mode (NEM) . With NEM, the IP address of the inside PCs are received without change at the central site. In this instance, the IP address of the PC is visible from the central site. In the example in the figure, the remote inside PC makes a connection to a server on the central site. The original PC IP address, 10.1.1.2, is not translated by the remote PIX Security Appliance.

Set the Easy VPN Remote device mode by entering the following command :

vpnclient mode {client-mode | network-extension-mode}

Client mode applies NAT to all IP addresses of clients connected to the inside (higher security) interface of the PIX Security Appliance.

Network extension mode – This option does not apply NAT to any IP addresses of clients on the inside, higher security, interface of the PIX Security Appliance.

Finally, to enable the Easy VPN Remote device by entering the following command :

vpnclient enable