cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
213
Views
4
Helpful
1
Replies

VPN Internet Traffic

ross_rulz
Level 1
Level 1

Hi Guys,

We have a couple of L2L sites that use Cisco 837 ADSL routers to connect back to our headquarters. We want to get all there Internet Traffic coming across the VPN so it can go through our Proxy server. Is it a matter of denying our internal addressing from being Natted then have a deny all statement at the end? I have attached one of our remote site configs if someone can have a look and tell me if this is possible?

Cheers,

Ross.

1 Reply 1

5220
Level 4
Level 4

Hi Ross,

You can do this in several ways:

1. If your proxy is to be configured on the computer browsers (like ISA proxy), then simply add the traffic from the PCs to the IPs of the proxy to the VPN ACL and to the nonat (with deny).

2. Add all traffic over VPN from the user subnet. At this time you can remove the NAT commands all together since no NAT is required anymore. You can use this even if the proxy is something like Websense that works by sniffing the traffic.

Please rate if this helped.

Regards,

Daniel

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: