Hi.I have the following problem in my company. We have users that are going through a proxy server located on the DMZ side of a PIX to the internet(allowed through the DMZ ACL to the outside etc.).That works great.
The problem arises when they use a Cisco VPN client to connect to another company and they cannot access the Internet anymore but can work over VPN on a remote site(Cisco client has been allowed through the PIX). Everything returns to normal when they don't use the VPN client anymore.
Any ideas why this would happen?
Without the proxy either you browse the internet over the vpn connection, or split-tunnel is configured and you exit locally. In case split-tunnel is configured, the proxy-server ip address could be overlapping with the remote protected network.
Fortunately it is easy for you to find out how the vpn is configured, just check the route details tab of the vpn client's statistics.
Check the local pc routing table will also help you troubleshoot this issue.