PIX 506e VPN problems

Good morning, I'm at the end of my rope with this problem. I have checked the newsgroups, the web, and the 'Guide to PIX Firewalls' book, all with no help. I'm hoping someone's seen this before, and will be able to help me. I have been attempting to set up a VPN for remote access to our company. Unfortunately, the connection seems intermittent. Sometimes when I connect everything works perfectly; other times when I connect I can't reach anything, even when I use the direct IP. Others are having the same problem with intermittent service; one employee almost always has troubles. I have attached the config below, modified to take out some sensitive information, and with some parts that I didn't think were pertinent clipped. I will be happy to provide any further information if it will help. We are using Cisco VPN client 4.0.1.

Thank you for all your help.

neurotoxin2309

Bah, forgot to attach:

: Saved
: Written by user at 08:48:59.879 EDT Fri Aug 19 2005
PIX Version 6.3(4)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
hostname pixfirewall
domain-name host.com
clock timezone EST -5
clock summer-time EDT recurring
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
--sections deleted--
access-list outside_access_in permit tcp any host ext.ext.ext.100 object-group MailPorts
access-list outside_access_in permit icmp any any
access-list outside_access_in deny ip any any
access-list outside_cryptomap_dyn_20 permit ip any 192.168.1.0 255.255.255.0
access-list outside_cryptomap_dyn_40 permit ip any 192.168.1.0 255.255.255.0
access-list outside_cryptomap_dyn_60 permit ip any 192.168.1.0 255.255.255.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside ext.ext.ext.104 255.255.255.240
ip address inside 192.168.1.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool VPN_Pool 192.168.1.125-192.168.1.129
--sections deleted--
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 ext.ext.ext.110
nat (inside) 0 access-list inside_nat0_outbound
--sections deleted--
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 ext.ext.ext.97 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set TRANS_ESP_3DES_MD5 mode transport
crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5
crypto dynamic-map outside_dyn_map 40 match address outside_cryptomap_dyn_40
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-MD5
crypto dynamic-map outside_dyn_map 60 match address outside_cryptomap_dyn_60
crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-MD5
isakmp enable outside
isakmp enable inside
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 64800
vpngroup default address-pool VPN_Pool
vpngroup default dns-server 192.168.1.13
vpngroup default default-domain host.com
vpngroup default idle-time 1800
vpngroup default password password
vpngroup user1 address-pool VPN_Pool
vpngroup user1 dns-server 192.168.1.13
vpngroup user1 default-domain host.com
vpngroup user1 idle-time 86400
vpngroup user1 password password
vpngroup user2 address-pool VPN_Pool
vpngroup user2 dns-server 192.168.1.13
vpngroup user2 default-domain host.com
vpngroup user2 idle-time 86400
vpngroup user2 password password
vpngroup user3 address-pool VPN_Pool
vpngroup user3 dns-server 192.168.1.13
vpngroup user3 default-domain host.com
vpngroup user3 idle-time 86400
vpngroup user3 password password
telnet timeout 5
ssh user 255.255.255.255 inside
ssh timeout 5
console timeout 0
vpdn group user4 accept dialin pptp
vpdn group user4 ppp authentication chap
vpdn group user4 client configuration address local VPN_Pool
vpdn group user4 client configuration dns dns-dhcp 216.254.141.2
vpdn group user4 pptp echo 60
vpdn group user4 client authentication local
vpdn username user password password
vpdn username user password password
vpdn enable outside
vpdn enable inside
dhcpd auto_config outside
terminal width 80
: end
neurotoxin2309
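A mechanical check of two properties of the posted configuration, as an added example (not part of the original post, and not a diagnosis taken from it): how many addresses VPN_Pool holds compared with how many groups draw from it, and whether the pool lies inside an interface's own subnet. The function name `audit_pools` and the embedded excerpt are this example's own; the parsing assumes the PIX 6.x command forms exactly as they appear in the post.

```python
import ipaddress

# Excerpt of the configuration posted above (addresses as sanitized by the poster).
CONFIG = """\
ip address outside ext.ext.ext.104 255.255.255.240
ip address inside 192.168.1.1 255.255.255.0
ip local pool VPN_Pool 192.168.1.125-192.168.1.129
vpngroup default address-pool VPN_Pool
vpngroup user1 address-pool VPN_Pool
vpngroup user2 address-pool VPN_Pool
vpngroup user3 address-pool VPN_Pool
vpdn group user4 client configuration address local VPN_Pool
"""

POOL_REF = ["client", "configuration", "address", "local"]

def audit_pools(config):
    """Return one report dict per `ip local pool` found in the config text."""
    pools, users, nets = {}, {}, {}
    for line in config.splitlines():
        tok = line.split()
        if tok[:3] == ["ip", "local", "pool"] and len(tok) >= 5:
            first, _, last = tok[4].partition("-")
            pools[tok[3]] = (ipaddress.IPv4Address(first),
                             ipaddress.IPv4Address(last or first))
        elif tok[:2] == ["ip", "address"] and len(tok) == 5:
            try:
                nets[tok[2]] = ipaddress.IPv4Network(f"{tok[3]}/{tok[4]}", strict=False)
            except ValueError:
                continue  # sanitized address such as ext.ext.ext.104
        elif tok[:1] == ["vpngroup"] and tok[2:3] == ["address-pool"] and len(tok) == 4:
            users.setdefault(tok[3], []).append("vpngroup " + tok[1])
        elif tok[:2] == ["vpdn", "group"] and tok[3:7] == POOL_REF and len(tok) == 8:
            users.setdefault(tok[7], []).append("vpdn group " + tok[2])
    report = []
    for name, (lo, hi) in pools.items():
        report.append({
            "pool": name,
            "size": int(hi) - int(lo) + 1,          # addresses available to clients
            "consumers": users.get(name, []),        # groups leasing from this pool
            "overlaps": sorted(i for i, n in nets.items() if lo in n or hi in n),
        })
    return report

if __name__ == "__main__":
    for r in audit_pools(CONFIG):
        print(f"{r['pool']}: {r['size']} addresses, {len(r['consumers'])} groups, "
              f"inside subnet of: {r['overlaps'] or 'none'}")
```
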
