Internet access for vpn clients

- P
- Pseto
  
  Contact options for registered users
posted
17 years ago

Mon, Feb 26, 2007 4:50 PM

I configured my router following instructions at:

formatting link

The goal of it is to enable VPN clients internet access, but rather trough VPN router's Internet connection then trough split tunneling. After configuration from the article above NAT is working fine, but CBAC does not inspect vpn user's traffic which results in denial of returning traffic. Where should I place CBAC inspect rule for inspection of vpn client's traffic? I tried on a loopback interface in both directions and also on the outside interface as inbound rule, but without success, while traffic from the inside being normally inspected.

Best Regards, Igor

Loading thread data ...

- T
- tweety
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Sun, Mar 4, 2007 9:36 PM

at:

formatting link

I run CBAC on the dialer outbound,

i.e

interface Dialer0 ip address x.x.x.x 255.255.255.248 ip access-group inbound in ip nat outside ip inspect fwinspect out encapsulation ppp dialer pool 1 dialer-group 1 ppp authentication chap callin ppp chap hostname

Hope this helps Igor, you can get me on snipped-for-privacy@gmail.com

Best of luck and regards from scotland

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.