Hi, Im new to VPNs and the Cisco SSL VPN client but ive had a helpdesk call today about a problem which im unsure how to deal with.
The problem is that one user is connecting to a vpn over the internet to another site providing a citrix application. She is using the cisco ssl vpn client (v1.0.2 or 1.2?). When she connects to the VPN, the connection (via our internal proxy server) works ok. She gets a VPN client ip address in the 172. ***.***.*** range. When she opens up internet explorer and goes to the URL of http://172.---. etc. to access the destination server, nothing happens. It appears that when she goes to the destination server address, the browser doesnt use the VPN connection and instead uses our internal proxy server which of course cant find the 172. etc destination server address.
The answer to this is to add the destination server address to the proxy exclusion list in IE to avoid the proxy and go through the local VPN connection.
The problem I have is that we have GPOs assigning the proxy exclusions so changing the GPO proxy exclusion setting will be applied to all of our 10000+ users (just for one user). Setting up another GPO just for one user is also not an option for us.
What makes me more confused is that her previous client machine worked without problems (she had her machine replaced).
It makes me think that her previous machine had a setting that excludes the destination server address in proxy exceptions without actually having a GPO specifying it.
Therefore, what I need is to automatically route the destination server IP address to the VPN connection without hitting our internal proxy server and not changing the proxy exclusion settings in our GPO.
Can anybody help?
Pheeeeewwwwww, I hope somebody can understand this.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...