04-01-2008 08:01 AM - edited 02-21-2020 03:38 PM
Hi,
I was wondering how others do this, but I have got users/offices going through my Cisco Concentrator. However I want to move these off and onto our Cisco ASA.
The problem is I need to monitor users internet traffic which is on a server inside (Surf Control), this works for the Concentrator as users come in and go via the ASA firewall and out, along the way the traffic is caught be the web filter server. The ASA is doesn't do this, as the VPN traffic comes into the ASA and straight out again to the internet.
How can I get round this?
04-07-2008 06:32 AM
Identify the port and enable or rechange the class map , policy map in your device depends up on your requirements.
04-07-2008 07:44 AM
Well all I need to do is forward inbound VPN traffic internally then backout again to get monitored by our Surfcontrol/websense server. Have you used the route tunneled command?
eg
route inside 0.0.0.0 0.0.0.0 1.2.3.4 tunneled
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide