12-21-2005 09:26 AM
Our current set-up uses a PIX515E fireall (running v6.3 OS) with split tunnel configured for connections to ADSL connected remote sites and home users using their own internet broadband connection and running the Cisco VPN client.
We have implemented a proxy server at our head office to perform web filtering etc.
We would like the web filtering to be applied to home users and the remote offices too.
Do we have to disable split-tunneling in order to achieve this?
Or is there a simple way of doing this by just forcing the users internet browser settings to point to the proxy at the head office?
Or any better ways of achieving this?
Suggestions welcome!
Thanks,
Neil
12-21-2005 02:28 PM
one way is to upgrade the pix to v7. with v7, the pix can redirect the internet traffic for vpn client.
back to the current state, i believe pix can't push the proxy settings to remote user pc. so i guess it is a manual process. and yes, split tunneling needs to be disable.
12-22-2005 02:26 AM
Thanks for the info, thats exactly what I needed to know!
01-03-2006 01:37 AM
With Split Tunneling enabled remote users can bypass the proxy if you define the split tunnel to encrypt data only for your company Network. If you disable split tunnell then all traffic will be routed via VPN as soon as a user connects using the Cisco VPN Client.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: