HUB & SPOKE - IPSEC EZVPN HW Client (PIX 501) to VPN 3060

[aabc123]

Hi All;

This must be very simple for you guys, but i am pulling my hair out!!

I want to deploy a PIX501 EZVPN Hardware client at my house (ADSL) and IPSEC to a CVPN3060 server.

Basically:

Laptop<-->PIX501<-->ADSL<-->Internet<-->VPN3060<-->FileServer (FTP)

VERY Important: I need to setup bi-directional communication from file-server to laptop

Laptop: 192.168.40.2
PIX501 Inside: 192.168.40.1
PIX501 Outside: 192.168.1.15
ADSL: 192.168.1.1 (GW to internet)
Internet
VPN3060: 90.15.157.10
FileServer (FTP): 192.168.2.100

Authentication is done via a Radius server which provides IP Address of 192.168.0.0 range

I have already tried 2 setups:

1 - PIX 501 as a HW Client, and
2 - PIX 501 as a NEM.

The setup 1 , I can ping the network behind the VPN3000 without any issues, and use the file server, but cannot ping from the file server back to the internal PIX501 network (LAPTOP).

Setup 2, just does not work at all, it connects via IPSEC however i cannot ping anywhere!

The funny thing is that I have other VPNs (pptp) terminating on this VPN 3060 server and i can ping and do all i need to do.

what do you guys think pls?

Thank you

Lucio