OK, if BC proxy is inline, i am not too sure if vpn client will work (purely in terms of routing).ġ question to ask, traffic towards the internet, would BC proxy initiate the connection to the internet on behalf of the internal users and proxy the connection back towards the internal users? So from ASA point of view, web traffic from internal users, would the ASA see the source as BC proxy or individual users' ip address? If it does, you can configure tunnel default gateway on the device that terminates the VPN (assuming that you are using Cisco ASA or router to terminate the VPN). In terms of forcing the VPN Client traffic towards the BlueCoat in transparent proxy mode, again, you would need to check the network device that redirects the traffic to see if that is capable of redirecting those VPN Client traffic. However, I have seen my company that has BlueCoat within their internal networks. You need to check if the network infrastructure that you have supports that capability. It would be best that the BlueCoat proxy server is on its own DMZ, however, there are a few things that you have to look out. Is the device performing redirection supports the transparent proxy solution that BlueCoat supports? I guess it would be WCCP to redirect the traffic to BlueCoat, right? Which device will be redirecting the web traffic towards BlueCoat? Things that you may want to check out is: You might need to design the transparent proxy solution with Bluecoat to confirm how it will actually work out as a solution.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |