No announcement yet.

Access to Internet over Cisco VPN

  • Filter
  • Time
  • Show
Clear All
new posts

  • Access to Internet over Cisco VPN


    I would like to ask you for help with configuration of internet access for remote VPN clients. I have PIX 506E as the VPN concetrator and access to internet is not allowed for the VPN clients.
    Is it possible to allow this in a different way than split tunneling ?
    I would prefer to route the Internet traffic through the firewall and use the company internet connection.
    I'm not expert for Cisco configuration so any advice is welcomed.

    Thank You, Milan

  • #2
    Re: Access to Internet over Cisco VPN

    Yes you can, just configure the ACL (SAS) write from the IPSEC.


    • #3
      Re: Access to Internet over Cisco VPN

      You could setup a proxy server too.
      Generally there would be latency involved because traffic has to get to your company and then out to the internet rather than direct.
      or you could look at forcing only RDP traffic and then your users would only be able to RDP to their desktops (or TS/Citrix server) and use IE etc that way?

      Please read this before you post:

      Quis custodiet ipsos custodes?


      • #4
        Re: Access to Internet over Cisco VPN

        Thanks for your ideas. In the meantime I have solve that by using a simple proxy server.
        Actually I'm not sure how to setup the ACL on the PIX to alow the internet traffic.
        There is no rule blocking the internet traffic. I can access internal web servers from the VPN clients. As the VPN client I get an internal LAN IP address which shoud be allowed to access Internet over NAT configured on the firewall. COuld be there any problem with the NAT configuration for the VPN clients ?