[THIN] Re: CAG
- From: "Chad Schneider (IT)" <Chad.M.Schneider@xxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Mon, 26 Nov 2007 10:44:09 -0600
I do think that I need to somehow enable a route to all internet
traffic, via the CAG, out through the corporate network.
This worked at my former employer, but that physical configuration was
different.
>>> Saravanan Srinivasan <sarav2k@xxxxxxxxx> 11/21/2007 8:56 AM >>>
Thats correct. Split Tunneling also considered as Security Threat
since all traffic doesn't goes thru your corporate network and internet
policies doesn't apply.
If you are not in production, you can try to add a static route for
google and try. That might work.
I will confirm once I play with that more....
Saravanan
"Chad Schneider (IT)" <Chad.M.Schneider@xxxxxxxxxxxxx> wrote:
If I enable Split Tunneling...and set my network access list, I can get
this to work.
That is a band aid, I would rather not use split tunneling.
I feel, if the users are making an SSL VPN connection, I want all
traffic routed through the CAG. So, how do I tell the CAG to route
internet traffic, via the CAG? It works with static routes for the
inside network, (default gateway on CAG set to external (0)). How do I
configure it for the outside?
>>> Saravanan Srinivasan <sarav2k@xxxxxxxxx> 11/20/2007 7:49 PM >>>
This is related to Routes on your CAG, You probably have Static
routes.
I am still working on the same thing. After I added a route like this
eth1 64.0.0.0 255.0.0.0 GW
I was able to browse google. but I started getting some vpn issues.
I may have to figure out what is the right route I need to add.
Hope this helps
Saravanan
Steve Greenberg <steveg@xxxxxxxxxxxxxx> wrote:
Check your default gateway, you obviously have on for the insider, you
might not have one set for going outward…
Steve Greenberg
Thin Client Computing
34522 N. Scottsdale Rd D8453
Scottsdale, AZ 85262
(602) 432-8649
www.thinclient.net (
http://us.f530.mail.yahoo.com/ym/www.thinclient.net )
steveg@xxxxxxxxxxxxxx
From:thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Chad Schneider (IT)
Sent: Tuesday, November 20, 2007 8:37 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] CAG
All seems well, SSL VPN working great for all internal items.
What I have found, is that access to web pages outside the network,
such as dell.com, google.com,. etc., fail.
Split tunneling is disabled.
All traffic should be going through the CAG, and should work fine.
Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615
- Follow-Ups:
- References:
- [THIN] Re: CAG
- From: Chad Schneider (IT)
- [THIN] Re: CAG
- From: Saravanan Srinivasan
Other related posts:
- » [THIN] CAG
- » [THIN] Re: CAG
- » [THIN] CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- » [THIN] Re: CAG
- [THIN] Re: CAG
- From: Chad Schneider (IT)
- [THIN] Re: CAG
- From: Saravanan Srinivasan