[THIN] Re: Help is appreciated....
- From: Nick Smith <nick@xxxxxxxxxxxxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Tue, 29 Apr 2008 19:59:42 +0100
DNS on the VPN?
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
Chad Schneider (IT)
Sent: 29 April 2008 19:11
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Help is appreciated....
Traceroute from the gateway admin desktop to external sites, NOTHING.
Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615
>>> On 4/29/2008 at 12:04 PM, <adwulf@xxxxxxxxx> wrote:
2008/4/29 Chad Schneider (IT) <Chad.M.Schneider@xxxxxxxxxxxxx>:
>
>
> We are not running a true proxy server.
>
> All internet traffic is routed through the firewall, but there is no Proxy
> listed in IE.
>
It sounds to me like your VPN users' default gateway is missing a
route to the outside world.
Compare traceroutes of VPN-Client > External and Internal-Client > External
- this should give you some idea of which route is missing.
It may also be that your firewall does not recognise the VPN subnet as
being an internal network.
For example - if your usually internal network consists of:
10.50.10.0/24 and 10.50.11.0/24, you probably have a rule on the
firewall which looks like:
From: 10.50.10.0/24 OR 10.50.11.0/24
To: EXTERNAL
Protocol: http,https,icmp,ftp,ssh,nntp,pop3
Action: PERMIT
If your VPN network is using something else (eg 192.168.10.0/24 or
10.50.12.0/24), then that rule won't be applied and the traffic will
not be permitted.
--
AdamT
We are laser-removed
Tasmanian Devil Tattoos
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************
Other related posts:
