[c-nsp] Cisco Software Client -> Router VPN issue.

[Frank Bulk]

We have our PPTP connections terminated to a server inside our network to
avoid the PIX hair-pinning restriction.

Frank

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jorge Evangelista
Sent: Monday, January 05, 2009 2:07 PM
To: cisco_nsp
Subject: Re: [c-nsp] Cisco Software Client -> Router VPN issue.

I suggest that you configure a proxy server for Internet Traffic, you can
use it as cache or accelerator, only if you want user surf to the outside
internet over that tunneled connection.
By this way, you can control what kind information is allowed when
they connect to corporate network.

On Mon, Jan 5, 2009 at 11:48 AM, Tim Franklin <tim at pelican.org> wrote:

> On Mon, January 5, 2009 3:38 pm, Networkers wrote:
>
> > I¹ve taken a look at
> > some sample configs on the Cisco site but they all seem to be similar to
> > this. My thinking is that the dial pool doesn¹t get NATed properly, but
> > I¹m unsure on what to do to the config to fix this.  Normal
192.168.100.x
> > Ethernet-connected PCs in the home office can surf and do everything
just
> > fine.
> >
> > Can someone offer a tidbit?
>
> You're correct in that it's the NAT - traffic from the VPN clients isn't
> going from an 'inside' interface to an 'outside' one, so it won't be
> NAT'd.
>
> Is there any reason they can't just use whatever Internet access they're
> already using to get the VPN connection, ie split tunnelling?
>
> Regards,
> Tim.
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



--
"The network is the computer"
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/