Proxy servers are typically not gateways, as they run on the application layer.
Give each site its own subnet and set appropriate routing, then just set the proxy in your browser properties via GPO for your users. --Durf On 9/12/08, Adam Greene <[EMAIL PROTECTED]> wrote: > Hi guys, > > I'm trying to connect two customer sites via a site-to-site VPN so that all > machines at Site A can be forced to go through a proxy server at Site B to > access the Internet. > > I am toying with the idea of placing both sites on the same network (i.e. > 10.2.0.0/16) and then providing the machines at Site A with a default > gateway of the proxy server at Site B. > > However, I'm not convinced that this will work. I mean, if the Site A > machines don't use their local VPN device as their gateway, how will that > device know to forward packets over the VPN to the proxy server at Site B? > > Customer doesn't want to set up static NAT entries on the VPN device at Site > A for all the other network resources they need to access at Site B > (Exchange, Sharepoint, and more) otherwise I think we could just leave Site > A on a 192.168.0.0 network and NAT the proxy server at Site B to a > 192.168.0.x. address. > > To complicate things further, customer has a Sonicwall TZ170 on one end and > a Cisco PIX on the other. They are willing to change the Sonicwall to a PIX > / ASA if that will facilitate the setup. > > Any ideas? > > Hey, you didn't all go home for the weekend, did you? > > --Adam > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ -- -------------- Give a man a fish, and he'll eat for a day. Give a fish a man, and he'll eat for weeks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
