This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Allow http for VPN users without proxy

Hi!

Is it possible to allow VPN Cisco client users to browse internet without using proxy? I have tried to Nat/Masq VPN pool --> WAN and also allow dns and http pf for VPN ip pool. I know i had this working on another box astaro but this doesn´t work there either any more....any update that "fixed"/"caused" this?

regards,
Linkan

This thread was automatically locked due to age.

Parents

0 BAlfson over 15 years ago

If you aren't going to run the traffic through the proxy, why not just configure Cisco Remote Access for a split tunnel? To do that, select 'Automatic packet filter rules' and just put "Internal (Network)" into 'Local Networks'.

If you dont want to do that, I know there's a DNS issue with the iPhone and Cisco Remote Access. The trick that someone came up with was a NAT rule: 'VPN Pool (Cisco) -> DNS -> Any : DNAT to {name server}'.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 15 years ago

If you aren't going to run the traffic through the proxy, why not just configure Cisco Remote Access for a split tunnel? To do that, select 'Automatic packet filter rules' and just put "Internal (Network)" into 'Local Networks'.

If you dont want to do that, I know there's a DNS issue with the iPhone and Cisco Remote Access. The trick that someone came up with was a NAT rule: 'VPN Pool (Cisco) -> DNS -> Any : DNAT to {name server}'.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data