We have a couple of L2L sites that use Cisco 837 ADSL routers to connect back to our headquarters. We want to get all there Internet Traffic coming across the VPN so it can go through our Proxy server. Is it a matter of denying our internal addressing from being Natted then have a deny all statement at the end? I have attached one of our remote site configs if someone can have a look and tell me if this is possible?
1. If your proxy is to be configured on the computer browsers (like ISA proxy), then simply add the traffic from the PCs to the IPs of the proxy to the VPN ACL and to the nonat (with deny).
2. Add all traffic over VPN from the user subnet. At this time you can remove the NAT commands all together since no NAT is required anymore. You can use this even if the proxy is something like Websense that works by sniffing the traffic.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...