[c-nsp] Cisco Software Client -> Router VPN issue.

Jorge Evangelista netsecuredata at gmail.com
Mon Jan 5 15:07:11 EST 2009


I suggest that you configure a proxy server for Internet Traffic, you can
use it as cache or accelerator, only if you want user surf to the outside
internet over that tunneled connection.
By this way, you can control what kind information is allowed when
they connect to corporate network.

On Mon, Jan 5, 2009 at 11:48 AM, Tim Franklin <tim at pelican.org> wrote:

> On Mon, January 5, 2009 3:38 pm, Networkers wrote:
>
> > I¹ve taken a look at
> > some sample configs on the Cisco site but they all seem to be similar to
> > this. My thinking is that the dial pool doesn¹t get NATed properly, but
> > I¹m unsure on what to do to the config to fix this.  Normal 192.168.100.x
> > Ethernet-connected PCs in the home office can surf and do everything just
> > fine.
> >
> > Can someone offer a tidbit?
>
> You're correct in that it's the NAT - traffic from the VPN clients isn't
> going from an 'inside' interface to an 'outside' one, so it won't be
> NAT'd.
>
> Is there any reason they can't just use whatever Internet access they're
> already using to get the VPN connection, ie split tunnelling?
>
> Regards,
> Tim.
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>



-- 
"The network is the computer"


More information about the cisco-nsp mailing list