Link to home
Start Free TrialLog in
Avatar of aduffield76
aduffield76

asked on

I need to force access to 2 external IP's through a Cisco router without going down a VPN tunnel.

I have a client that connects to the internet via a remote proxy (ISA server) via a vpn tunnel (PIX)

They have a gateway of 192.168.93.1 wich is a cisco 800 router.

They need to be able to telnet onto 2 external servers without going via the vpn tunnel (91.207.36.33 and 91.207.36.37)

In each client they have internet proxy set to the isa box (192.168.92.200)

I want any access to the above 2 external addresses to be pushed out to the internet, NOT down the VPN tunnel.

Please can you help?


buxton-config.txt
Avatar of Tomas Valenta
Tomas Valenta
Flag of Czechia image

in Cisco VPN configuration you see IP destination list for what are packet routed to the VPN.
YOu must only customized this list to exclude your two external IP addresses. If you shou me your
Cisco config I will help you.
Avatar of Istvan Kalmar
Hi,

You need to pus this address to local computer proxy settings!

Best regards,
Istvan
Avatar of aduffield76
aduffield76

ASKER

If I disable the proxy on the local client it makes no difference as to whether or not it telnet's onto the external IP addresses.

I have attached the config on the local router where I believe the changes need to be made.
site-config.txt

Instead of this:

>access-list 102 permit tcp any any eq telnet
>access-list 102 deny   ip any any log

Try this:
access-list 102 permit tcp any host 91.207.36.33 eq telnet
access-list 102 permit tcp any host 91.207.36.37 eq telnet
access-list 102 deny   ip any any log
ASKER CERTIFIED SOLUTION
Avatar of surbabu140977
surbabu140977
Flag of India image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial