[THIN] Re: CAG SSL VPN

Send us a diagram of the network, it would help us a lot!

De : thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] De la part de 
Chad Schneider (IT)
Envoyé : 29 avril 2008 14:09
À : thin@xxxxxxxxxxxxx
Objet : [THIN] Re: CAG SSL VPN

Default Gateway of the appliance is external.  We specifiy internal default 
gateway with internal IP Pools.

Split tunneling is not enabled.  Split DNS is not enabled.

Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615

>>> On 4/29/2008 at 11:43 AM, <steveg@xxxxxxxxxxxxxx> wrote:
Did you set the default gateway of the CAG to be the LAN connection or the 
outside connection of the CAG? Also, how is Split Tunnelling and Split DNS set?




Steve Greenberg

[cid:image001.png@01C8AA41.1FBF5C50]Thin Client Computing

34522 N. Scottsdale Rd D8453

Scottsdale, AZ 85266

(602) 432-8649

www.thinclient.net
steveg@xxxxxxxxxxxxxx

________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of 
Chad Schneider (IT)
Sent: Tuesday, April 29, 2008 5:59 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] CAG SSL VPN

Our internet team, put in a new firewall.  Since this happened, making an SSL 
VPN connection to us via the CAG, we can no longer get to websites outside of 
Thedacare.  Unable to even ping.  Internet team states firewall is configured 
the same as old one (not possible, as that one worked).  They state that users 
get through the firewall, to the CAG, and get the internal IP, as designed.  
The problem is that requests for external websites then go back ou through the 
CAG external interface, back to the firewall.  I am not sure this is right.  I 
thought that once they got an internal IP, all traffic would be internal, and 
internet traffic would be routed through the internal interface, then back out 
through the firewall.

Thoughts?


Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615

PNG image

Other related posts: