Hello All........I have been rolling out a "Default Deny" policy on all my
remotely connected VPN Sites. This policy drops all non RFC-1918 IP
space at the remote locations firewall. We are auto-detecting via Group
Policy. The endusers have no problem resolving wpad EVER. They can ping
wpad all the time. However, half the time these users are going directly
to the web instead of the proxy. Consequently, unless I allow outbound
http and https access on the remote firewalls access-list applied to the
internal interface (remote LAN facing), I get inconsistent web access.
"Page Cannot Be Displayed" a LOT of the time. This happens EVERYWHERE
meaning all the remote locations I have made the firewall change. I will
locate a user experiencing this issue and will debug on the remote
firewall for their web traffic. What I see is that for a few seconds the
end user makes calls to the Virtual Address on the Load Balancers at our
corporate office (as designed) and then suddenly see a flurry of traffic
trying to access the Public IP's of say........hotmail.com or yahoo.com. I
am stumped and have no idea why this is happening.
Regards,
Eric Watters
Network Engineer
PRG Schultz
Desk: 770.779.3318
Cell: 404.247.0646
Received on Tue Jul 25 2006 - 12:03:32 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:02 MDT