[THIN] Re: CAG
- From: Saravanan Srinivasan <sarav2k@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Wed, 21 Nov 2007 06:56:46 -0800 (PST)
Thats correct. Split Tunneling also considered as Security Threat since all
traffic doesn't goes thru your corporate network and internet policies doesn't
apply.
If you are not in production, you can try to add a static route for google
and try. That might work.
I will confirm once I play with that more....
Saravanan
"Chad Schneider (IT)" <Chad.M.Schneider@xxxxxxxxxxxxx> wrote:
If I enable Split Tunneling...and set my network access list, I can get
this to work.
That is a band aid, I would rather not use split tunneling.
I feel, if the users are making an SSL VPN connection, I want all traffic
routed through the CAG. So, how do I tell the CAG to route internet traffic,
via the CAG? It works with static routes for the inside network, (default
gateway on CAG set to external (0)). How do I configure it for the outside?
>>> Saravanan Srinivasan <sarav2k@xxxxxxxxx> 11/20/2007 7:49 PM >>>
This is related to Routes on your CAG, You probably have Static routes.
I am still working on the same thing. After I added a route like this
eth1 64.0.0.0 255.0.0.0 GW
I was able to browse google. but I started getting some vpn issues.
I may have to figure out what is the right route I need to add.
Hope this helps
Saravanan
Steve Greenberg <steveg@xxxxxxxxxxxxxx> wrote:
v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);}
st1\:*{behavior:url(#default#ieooui) } Check your default
gateway, you obviously have on for the insider, you might not have one set for
going outward?
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net
steveg@xxxxxxxxxxxxxx
---------------------------------
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Chad Schneider (IT)
Sent: Tuesday, November 20, 2007 8:37 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] CAG
All seems well, SSL VPN working great for all internal items.
What I have found, is that access to web pages outside the network, such as
dell.com, google.com,. etc., fail.
Split tunneling is disabled.
All traffic should be going through the CAG, and should work fine.
Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615
- Follow-Ups:
- [THIN] Re: CAG
- From: Chad Schneider (IT)
- References:
- [THIN] Re: CAG
- From: Chad Schneider (IT)
Other related posts:
- » [THIN] CAG
- » [THIN] Re: CAG
- » [THIN] CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- [THIN] Re: CAG
- From: Chad Schneider (IT)
- [THIN] Re: CAG
- From: Chad Schneider (IT)