VPN terminates on pix 501...but i cannot access windows 2000 vpn server

first of all let me say that you guys really helped me out alot so far
and thanx..but i have a really big problem and my job depends on it

i want to configure a ms vpn client through a cisco pix firewall and
either have it etrminate on the pix and access my local net through my
windows 2000 vpn server or have the users terminated on the win2k vpn
server either way would be great

i have already configure the pix and vpn it works internaly and it
terminates on the pix but it just wount pass through and access the
LAN....i have enable bout port 47 and tcp protocol 1723.....

vpn client----->-----pix------windows 2003 vpn server
10.48.66.48
209.165.201.25 (outside)209.165.201.1
(inside)10.48.66.47

i have been read all the cisco technical papers, and even a few from
microsoft can anybody plz help me i am totally lost........ here is
the pix configuration that i am currently using in my test lab

thank you in advance

PIX Version 6.3(1)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname pixfirewall
domain-name pixfirewall
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol ils 389
fixup protocol pptp 1723
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
no names
name 10.48.66.106 vpn-server
access-list acl-out permit gre host 209.165.201.25 host 209.165.201.5
access-list acl-out permit tcp host 209.165.201.25 host 209.165.201.5
eq pptp
access-list acl-out permit gre host 10.48.66.106 host 10.48.66.2
access-list acl-out permit tcp host 209.165.201.25 host 209.165.201.5
eq 47
access-list acl-out permit tcp host 209.165.201.0 host 209.165.201.0
eq 47
access-list 80 permit ip host 209.165.201.25 host 209.165.201.5
access-list 101 permit tcp any host 209.165.201.5 eq www
access-list 101 permit gre any host 209.165.201.5
access-list 101 permit gre host 209.165.201.25 host 209.165.201.5
access-list 101 permit ip 10.48.66.0 255.255.255.0 209.165.201.0
255.255.255.0
access-list 102 permit ip any 0.0.0.47 10.48.66.47
access-list 103 permit gre host 10.48.66.47 host 209.165.201.1
access-list 100 permit gre any host 10.48.66.47
access-list 100 permit gre any host 10.48.66.106
access-list 100 permit tcp any host 10.48.66.106
access-list 100 permit tcp any host 10.48.66.47
access-list 100 permit tcp any host 10.48.66.106 eq 47
access-list 100 permit tcp any host 10.48.66.47 eq 47
access-list 90 permit ip host 10.48.66.106 any
pager lines 24
logging on
mtu outside 1500
mtu inside 1500
ip address outside 209.165.201.1 255.255.255.224
ip address inside 10.48.66.47 255.255.254.0
ip audit info action alarm
ip audit attack action alarm
ip local pool pptp-pool 209.165.201.6-209.165.201.10
pdm history enable
arp timeout 14400
nat (outside) 0 access-list 100
nat (outside) 0 access-list 101 outside
nat (inside) 0 access-list 101 outside
nat (inside) 0 0.0.0.0 255.0.0.0 0 0
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
nat (inside) 0 10.48.66.0 255.255.255.255 outside 0 0
nat (inside) 1 10.48.66.47 255.255.255.255 outside 0 0
nat (inside) 0 10.48.66.48 255.255.255.255 outside 0 0
nat (inside) 1 10.48.66.106 255.255.255.255 outside 0 0
nat (inside) 1 10.48.66.0 255.255.255.0 outside 0 0
nat (inside) 1 10.0.0.0 255.0.0.0 outside 0 0
static (inside,outside) 209.165.201.1 10.48.66.106 netmask
255.255.255.255 0 0
access-group 101 in interface outside
access-group 101 in interface inside
conduit permit icmp any any
conduit permit gre any any
conduit permit gre host 201.165.201.1 any
conduit permit tcp host 201.165.201.1 eq pptp any
route outside 0.0.0.0 0.0.0.0 10.48.66.106 1
route outside 209.165.201.0 255.255.255.255 10.48.66.48 0
route inside 209.165.201.0 255.255.255.0 209.165.201.1 1
route inside 209.165.201.7 255.255.255.255 10.48.66.48 0
route outside 209.165.201.8 255.255.255.255 10.48.66.48 0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225
1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute uauth 0:04:00 inactivity
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps
no floodguard enable
sysopt connection permit-pptp
vpngroup test dns-server 10.48.66.106
vpngroup test default-domain nwtraders.com
vpngroup test idle-time 1800
vpngroup test device-pass-through
telnet timeout 5
ssh timeout 5
console timeout 0
vpdn group 1 accept dialin pptp
vpdn group 1 localname nwtraders.com
vpdn group 1 ppp authentication pap
vpdn group 1 ppp authentication chap
vpdn group 1 ppp authentication mschap
vpdn group 1 ppp encryption mppe 128
vpdn group 1 client configuration address local pptp-pool
vpdn group 1 client configuration dns 10.48.66.48
vpdn group 1 pptp echo 50
vpdn group 1 client authentication local
vpdn username test password *********
vpdn username wturner password *********
vpdn enable outside
vpdn enable inside
vpnclient server 10.48.66.48
vpnclient mode client-mode
vpnclient username wturner password ********
terminal width 80
Cryptochecksum:72a9c46aa94c1dc9ae56ce6679d5930f
: end