Please Help - VPN & Proxy problem

Unanswered Question

Hi, Im new to VPNs and the Cisco SSL VPN client but ive had a helpdesk call today about a problem which im unsure how to deal with.

The problem is that one user is connecting to a vpn over the internet to another site providing a citrix application. She is using the cisco ssl vpn client (v1.0.2 or 1.2?). When she connects to the VPN, the connection (via our internal proxy server) works ok. She gets a VPN client ip address in the 172. ***.***.*** range. When she opens up internet explorer and goes to the URL of http://172.---. etc. to access the destination server, nothing happens. It appears that when she goes to the destination server address, the browser doesnt use the VPN connection and instead uses our internal proxy server which of course cant find the 172. etc destination server address.

The answer to this is to add the destination server address to the proxy exclusion list in IE to avoid the proxy and go through the local VPN connection.

The problem I have is that we have GPOs assigning the proxy exclusions so changing the GPO proxy exclusion setting will be applied to all of our 10000+ users (just for one user). Setting up another GPO just for one user is also not an option for us.

What makes me more confused is that her previous client machine worked without problems (she had her machine replaced).

It makes me think that her previous machine had a setting that excludes the destination server address in proxy exceptions without actually having a GPO specifying it.

Therefore, what I need is to automatically route the destination server IP address to the VPN connection without hitting our internal proxy server and not changing the proxy exclusion settings in our GPO.

Can anybody help?

Pheeeeewwwwww, I hope somebody can understand this.

Thanks, Paul.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
irisrios Wed, 11/14/2007 - 11:36

You can apply GPO for proxy exclusions.To restrict access to the server use access list on the router.

Actions

This Discussion