Customer has barracuda inside the ASA firewall. Issue is with vpn clients. They come into the same ASA w/o split tunnel but permit same interface traffic enabled. Keep arguing with the vendor about filtering the vpn traffic to the internet. I say it can't be done in this scenario because once it is determined that the requested resource is on the outside the traffic goes in the outside interface and back out outside interface. Barracuda keeps telling me to stop all outbound 80 traffic and redirect to them I assume through wccp or something but so what? Am I missing something?