Some of my users need to connect to external VPN servers to access a web application. Is it possible to see the connection activity, like the sites visited and protocol? As stated on http://www.elmajdal.net/ISAServer/Creating_Reports_For_VPN_Clients.aspx, you can only see the initiated connections and not the actual activity of the user. Hope this is possible.
No, that's *not* possible, for the very simple reason that all traffic is by definition hidden within the VPN tunnel. Thus, no firewall on earth can see inside the VPN tunnel except the VPN endpoints themselves.
The reason for this question is that I wanted to troubleshoot a problem I encounter when I am connected to an external VPN: there are instances where I can connect to a specific host. Is there a way I can isolate VPN FW Policy rules?
It sounds like the clients do not have problems establishing the VPN connection itself, but rather that the user can't connect to all hosts reachable through that VPN connection. Right?
Also, as said before, the ISA server can *not* control or even see the traffic going *through* the VPN tunnel. So, there are no FW policies involved for that specific traffic. It's the VPN tunnel that is allowed or denied!
A quick test is to make sure that the VPN client is *only* configured as a SecureNAT client. Thus, you *must* disable any Web Proxy and Firewall client settings on that client. With that configuration you should not have problems connecting to any host reachable through that VPN connection; otherwise there is a problem with the VPN client itself.