Internet---x.x.x.x---ADSL--<----> (

I have to use the ADSL with NAT (and not bridge) as provider does not
support PPPoE only PPPoA
I can connect with Cisco VPN client 4.0.3(C)
I can ping/telnet to any address on network
What I can't do is map a drive to any of the other XP hosts on the 10.
0.0.0 network
I also get the following occurring within the log "No route to 10.1.2.
255 from"

Main parts of the config are posted below.

1. Why the error "No route to from" ?

2. Are the following required in order to get to the network
once connected via VPN using pool ?
(tried lots to get things to work and not sure if this is required or
not, but main functionality is finally working)

access-list outside_crypto permit ip any
crypto dynamic-map dynmap 10 match address outside_crypto

3. Any glaring problems/things that should be changed/removed?

4. Above is the main requirement. I also have an issue getting "no
translation group found" when trying to connect via Putty to 10.0.0.
35 (Dune) using SSH tunnel on port 443.
ADSL modem has NAT/PAT set to forward to (Dune) incoming
443 outgoing 443

tried various options and currently:
access-list outside_access_in permit ip any host Dune
static (inside,outside) tcp interface https Dune https netmask 255.
255.255.255 0 0

What do I need to do for this to work/remove the "no translation
group found" issue?
(I don't have immediate access now, so may post a seperate query on
this if there's no "simple" answer.

PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100


fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol pptp 1723
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
name Dune

access-list outside_access_in permit ip
interface inside log
access-list outside_access_in permit ip any host Dune
access-list outside_access_in permit tcp any interface outside eq
access-list 101 permit ip 255.255.255.
access-list outside_crypto permit ip any

icmp permit any inside
mtu outside 1500
mtu inside 1500
ip address outside
ip address inside

ip local pool ippool mask

pdm location Dune inside
pdm location inside
pdm location outside
pdm location outside
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list 101
nat (inside) 1 0 0
static (inside,outside) tcp interface https Dune https netmask 255.
255.255.255 0 0
access-group outside_access_in in interface outside
rip inside default version 2
route outside 1

management-access insidetelnet insidehttp 10.1.
2.0 inside
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynmap 10 match address outside_crypto
crypto dynamic-map dynmap 10 set transform-set myset
crypto map mymap 10 ipsec-isakmp dynamic dynmap
crypto map mymap interface outside
isakmp enable outside
isakmp identity address
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
vpngroup vpn3000 address-pool ippool
vpngroup vpn3000 dns-server
vpngroup vpn3000 wins-server
vpngroup vpn3000 default-domain
vpngroup vpn3000 idle-time 1800
vpngroup vpn3000 password ********
telnet inside
telnet timeout 60
ssh timeout 5
console timeout 0
dhcpd address inside
dhcpd dns
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd auto_config outside
dhcpd enable inside