Our internet team, put in a new firewall. Since this happened, making an SSL VPN connection to us via the CAG, we can no longer get to websites outside of Thedacare. Unable to even ping. Internet team states firewall is configured the same as old one (not possible, as that one worked). They state that users get through the firewall, to the CAG, and get the internal IP, as designed. The problem is that requests for external websites then go back ou through the CAG external interface, back to the firewall. I am not sure this is right. I thought that once they got an internal IP, all traffic would be internal, and internet traffic would be routed through the internal interface, then back out through the firewall. Thoughts? Chad Schneider Systems Engineer ThedaCare IT 920-735-7615