Hi all,
We currently have a Pix 515e and ISA 2006 (both nat'd) in parallel behind our internet facing router. Our external vpn users connect to the PIX using the Cisco client v4.8 to access files, web applications and Exchange which works fine. However we wish to allow the vpn users internet access but out through the ISA for logging etc.
Although we may eventually use the ISA for vpn as well we wish to stay with the PIX for now. The external vpn users are configured as web proxy clients for the ISA they are unable to access the internet. The current ISA config has the VPN address pool assigned to the internal network and an access rule allowing IKE-Client and NAT-T client external access (this was created based on the only config my research turned up which related to allowing internal cisco vpn access to external resources).
ISA logs show no indication that the vpn users are being blocked infact their IP addresses do not appear in any ISA logs although they can resolve the server.
Many thanks in advance.
Start Free Trial
