We have a Cisco 501 PIX at a remote branch that is connected to the main office via VPN. How do you configure the PIX so that I can telnet into it from the main office LAN. The remote office is on a 192.168.2.0 subnet and the main office is on a 192.168.1.0 subnet. They are at different physical locations with different public addresses. Do I have to allow the public address of the main office through on the PIX of the remote office or can it be done "internally" via the subnets.