Routing internet traffic from VPN connections through web gateway
Posted on 2011-03-01
We replaced our old web proxy server with a Symantec Web Gateway appliance (8450), which is connected in an inline configuration between our firewall/router (Cisco ASA 5510) and the LAN of our main site. Internet traffic is now not routed through a proxy server.
So far, the appliance works really well and has quite a few advantages. However, we have an issue as we have two remote sites that are connected via a VPN tunnel from the Cisco ASA 5510. Whilst in the past the internet traffic from these two sites was directed to the proxy server (at our main site), as the VPN connections are on the wrong side of the Symantec web gateway appliance, users in these two sites.
The networking contractor says there is no other solution to this issue other than setting up another proxy server in the main site, or alternatively purchasing another Cisco ASA firewall and other internet connection . We are not keen on either of these solutions for various reasons.
Configuring Cisco routers is not my field of expertise/capability so just want to know what other options are possible (if any) that I can get the contractor to investigate. Is it say possible to configure the Cisco firewalls on the remote sites to channel internet traffic to perhaps the gateway at our main site? If it makes any difference, the Cisco ASA firewall at our main site has got one spare Ethernet port.