I have recently placed a Cisco ASA 5505 behind a Verizon FIOS router. Everyone has Internet and it all seems to be working fine. Inside IP is 192.168.10.1 /24 and Outside IP is 192.168.20.2/24. The Verizon FIOS router LAN side has 192.168.20.1/24 and the WAN side of the Verizon FIOS router has a STATIC IP xxx.xxx.xx.48. The problem is that if I am at a hotel or another location I am not able to use my Cisco VPN client to get to the inside network. Everything is setup correctly on the Cisco ASA side as I have done this many times for situations where the outside interface on the Cisco ASA has a real IP, but this time it is behind the Verizon FIOS router and the customer does not want to make that router a bridge. My question is do I have to do port forwarding on that Verizon router and If so what ports should I forward?