[THIN] Re: CAG

• From: Saravanan Srinivasan <sarav2k@xxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Wed, 21 Nov 2007 06:56:46 -0800 (PST)

Thats correct. Split Tunneling also considered as Security Threat  since all 
traffic doesn't goes thru your corporate network and internet policies doesn't 
apply.
   
  If you are not in production, you can try to add a static route for google 
and try. That might work.
  
I will confirm once I play with that more....
   
  Saravanan
  
"Chad Schneider (IT)" <Chad.M.Schneider@xxxxxxxxxxxxx> wrote:
      If I enable Split Tunneling...and set my network access list, I can get 
this to work.
   
  That is a band aid, I would rather not use split tunneling.
   
  I feel, if the users are making an SSL VPN connection, I want all traffic 
routed through the CAG.  So, how do I tell the CAG to route internet traffic, 
via the CAG?  It works with static routes for the inside network, (default 
gateway on CAG set to external (0)).  How do I configure it for the outside?

>>> Saravanan Srinivasan <sarav2k@xxxxxxxxx> 11/20/2007 7:49 PM >>>

  This is related to Routes on your  CAG, You probably have Static routes. 
   
  I am still working on the same thing.  After I added a route like this
   
  eth1 64.0.0.0 255.0.0.0 GW
   
  I was able to browse google. but I started getting some vpn issues.
   
  I may have to figure out what is the right route I need to add.
   
  Hope this helps
   
  Saravanan

Steve Greenberg <steveg@xxxxxxxxxxxxxx> wrote:
        v\:* {behavior:url(#default#VML);}  o\:* {behavior:url(#default#VML);}  
w\:* {behavior:url(#default#VML);}  .shape {behavior:url(#default#VML);}        
st1\:*{behavior:url(#default#ieooui) }                Check your default 
gateway, you obviously have on for the insider, you might not have one set for 
going outward?
   
     
  Steve Greenberg
  Thin Client Computing
  34522 N. Scottsdale Rd D8453
  Scottsdale, AZ 85262
  (602) 432-8649
  www.thinclient.net
  steveg@xxxxxxxxxxxxxx

   
      
---------------------------------
  
  From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf 
Of Chad Schneider (IT)
Sent: Tuesday, November 20, 2007 8:37 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] CAG

   
    All seems well, SSL VPN working great for all internal items.

     

    What I have found, is that access to web pages outside the network, such as 
dell.com, google.com,. etc., fail.

     

    Split tunneling is disabled.

     

    All traffic should be going through the CAG, and should work fine.

     

     

  Chad Schneider
Systems Engineer
ThedaCare IT
920-735-7615

• Follow-Ups:
  • [THIN] Re: CAG
    • From: Chad Schneider (IT)

• References:
  • [THIN] Re: CAG
    • From: Chad Schneider (IT)

Other related posts:

• » [THIN] CAG
• » [THIN] Re: CAG
• » [THIN] CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG
• » [THIN] Re: CAG

1. Home
2. thin
3. Archive
4. 11-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---