PIX 7.0.2. I'd like to manage the PIX through the VPN. I tried specifying the inside interface being at the remote site but it didn't work. I thought to do as I already do for routers: specifying a "loopback" interface and doing a static NAT mapped onto an IP address belonging to range specified for the VPN. Usually in the routers I use the only subnet mask possible 255.255.255.255 Actually in the PIX I have no loopback interface and I saw only ethernetX:Y interfaces. After enabled one of those (say10.10.10.10/30) I'd add a static nat between 10.10.10.10 and an IP belonging to LAN beyond the PIX. As I should do these changes through the tunnel (I'm using RDP to a machine beyond the PIX and from there I use ASDM) is this way the correct way?