Monitoring Outgoing VPN activity

Monitoring Outgoing VPN activity - 24.May2007 11:20:23 PM   
textguru

 

Posts: 223
Joined: 4.May2004
From: Philippines
Status: offline
Some of my users need to connect to external VPN servers to access a web application. Is it possible to see the connection activity, like the sites visited and the protocol? As stated on http://www.elmajdal.net/ISAServer/Creating_Reports_For_VPN_Clients.aspx, you can only see the initiated connections and not the actual activity of the user. Hope this is possible.
Post #: 1
RE: Monitoring Outgoing VPN activity - 25.May2007 1:49:31 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi textguru,

No, that's *not* possible, for the very simple reason that all traffic is by definition hidden within the VPN tunnel. Thus, no firewall on earth can see inside the VPN tunnel except the VPN endpoints themselves.

HTH,
Stefaan 

(in reply to textguru)
Post #: 2
RE: Monitoring Outgoing VPN activity - 27.May2007 3:15:03 AM   
textguru

 

Posts: 223
Joined: 4.May2004
From: Philippines
Status: offline
The reason for this question is that I wanted to troubleshoot a problem I encounter when I am connected to an external VPN: there are instances where I can connect to a specific host. Is there a way I can isolate VPN FW Policy rules?

(in reply to spouseele)
Post #: 3
RE: Monitoring Outgoing VPN activity - 27.May2007 7:37:20 AM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi textguru,

It sounds like the clients do not have problems establishing the VPN connection itself, but rather that the user can't connect to all hosts reachable through that VPN connection. Right?

Also, as said before, the ISA server can *not* control or even see the traffic going *through* the VPN tunnel. So, there are no FW policies involved for that specific traffic. It's the VPN tunnel that is allowed or denied!

I suggest you first carefully read my article http://www.isaserver.org/articles/IPSec_Passthrough.html especially section "4. Configuring ISA Clients".

A quick test is to make sure that the VPN client is *only* configured as a SecureNAT client. Thus, you *must* disable any Web Proxy and Firewall client setting on that client. With that configuration you should not have problems connecting to any host reachable through that VPN connection; otherwise there is a problem with the VPN client itself.

HTH,
Stefaan

(in reply to textguru)
Post #: 4
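As the replies above explain, a firewall in the path can log the tunnel itself (which client connected to which endpoint, over which carrier protocol) but not the sites visited inside it. The following is an added example, not code from the original posts or from ISA Server: it assumes a simplified CSV export with hypothetical column names and constructed sample records, and summarizes outbound VPN tunnels by their well-known carrier protocols.

```python
import csv
import io
from collections import defaultdict

# Carrier protocols of common VPN tunnels: (protocol, dest_port) -> label.
# Port is None for IP protocols without ports (GRE = 47, ESP = 50).
VPN_SIGNATURES = {
    ("TCP", 1723): "PPTP control",
    ("GRE", None): "PPTP data (GRE, IP proto 47)",
    ("UDP", 500): "IPsec IKE",
    ("UDP", 4500): "IPsec NAT-T",
    ("ESP", None): "IPsec ESP (IP proto 50)",
    ("UDP", 1701): "L2TP",
}

# Constructed sample records in an assumed, simplified CSV layout
# (this is not ISA Server's native log format).
SAMPLE_LOG = """\
time,client_ip,dest_ip,protocol,dest_port,bytes
2007-05-24 09:00:01,10.0.0.21,203.0.113.10,TCP,1723,412
2007-05-24 09:00:02,10.0.0.21,203.0.113.10,GRE,,88231
2007-05-24 09:03:10,10.0.0.35,198.51.100.7,UDP,500,1320
2007-05-24 09:03:11,10.0.0.35,198.51.100.7,UDP,4500,640112
2007-05-24 09:05:40,10.0.0.21,192.0.2.80,TCP,80,5120
"""

def classify(protocol, dest_port):
    """Return the tunnel label for a record, or None if it is not VPN carrier traffic."""
    proto = protocol.upper()
    port = int(dest_port) if dest_port else None
    return VPN_SIGNATURES.get((proto, port)) or VPN_SIGNATURES.get((proto, None))

def summarize_tunnels(log_text):
    """Group VPN carrier records by (client, remote endpoint)."""
    tunnels = defaultdict(lambda: {"kinds": set(), "bytes": 0})
    for row in csv.DictReader(io.StringIO(log_text)):
        kind = classify(row["protocol"], row["dest_port"])
        if kind is None:
            continue  # ordinary traffic, visible to normal firewall policy and logging
        entry = tunnels[(row["client_ip"], row["dest_ip"])]
        entry["kinds"].add(kind)
        entry["bytes"] += int(row["bytes"])
    return dict(tunnels)

if __name__ == "__main__":
    for (client, endpoint), info in sorted(summarize_tunnels(SAMPLE_LOG).items()):
        print(f"{client} -> {endpoint}: {sorted(info['kinds'])}, {info['bytes']} bytes (payload opaque)")
```

The summary stops at the tunnel endpoint: the hosts a user reaches through the tunnel appear only in logs kept at the VPN endpoints.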
