GroupStudy.com - CCIE, CCNA, CCNP and other Cisco Certifications

Home

BookStore

StudyNotes

Links

[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Subject: RE: PIX Question - NOT Urgent [7:86589]
From: "Daniel Cotts" <dcotts@xxxxxxxxxxxxxxxx>
Date: Wed, 31 Mar 2004 18:01:11 GMT

1) Quick and Dirty fix. Use PC Anywhere (or similar app) to connect from
site 1 to site 2. Use site 2 PC to browse desired location.
2) As already mentioned this seems more a routing issue. Default behavior at
site 1 would be to send all browse traffic out to the Internet. Too bad if
it's blocked. Policy routing using route-maps can redirect traffic. If you
have a router between the site 1 user(s) and its PIX maybe you could push
the requests to the blocked sites via site 2. I don't know how the site 2
PIX would treat that traffic.
Route-map SNEAKY permit 10
Match ip address 101
Set ip next-hop (whatever gets you to PIX2)
!
access-list 101 permit tcp [local host(s)ip and mask] eq 80 host [ip of
forbidden site]
!
router interface e0
ip address aaa.bbb.ccc.ddd
ip policy route-map SNEAKY
ip route-cache policy
3) A remote VPN Client to site 2 could browse if split-tunnel were
configured.
4) If your employer has a policy to block certain traffic, they might not
have a sense of humor about it should you circumvent that policy. It can get
you fired. Be wise and careful.

-----Original Message-----
From: Guruprasad Sanjeevi [mailto:guruprasads@xxxxxxx] 
Sent: Wednesday, March 31, 2004 3:04 AM
To: cisco@xxxxxxxxxxxxxx
Subject: PIX Question - Urgent [7:86589]

Hi group,


As always after my try I post a question to group.

I have 2 sites. site1 and site2 office connected over a 512kbps internet
link on which I have enabled IPSEC/3DES encryption, Users in site1 can reach
all hosts in site2 but they are not able to browse via site2 internet link.
I can browse via site1 but I want to access a host for which site2 ip block
is allowed and the others are restricted

What I need to do to on PIX to make them browse via a the site2 lnternet
link

Any help is appreciated

Thanks
guruprasad




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=86609&t=86589
--------------------------------------------------
**Please support GroupStudy by purchasing from the GroupStudy Store:
http://shop.groupstudy.com
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html

Prev by Date: Re: Routing problem? [7:86594]
Next by Date: FW: FW: Telecommunications vs internetworking [7:86571]
Previous by thread: IP Telephony: Can anyone but Nortel do this? [7:86599]
Next by thread: RE: PIX Question - NOT Urgent [7:86589]
Index(es):
- Date
- Thread