> When the users wants to access the internet, he has to establish the VPN > and use the corporate proxy server... better safe than sorry
good policy
> This is bothering me... how can we set things up so the user can use the
> local broadband connection,
> without dynamically changing the policy,
> without allowing internet browsing access at all times..
can you allow outbound 80/443 to the local subnet? What I find is that the
access control web servers are usually on the same subnet. This would still
not allow your users to do much 'bad stuff', but it would allow access
to these billing sites.
--
--------------------------------------------------------------------
[EMAIL PROTECTED] Collaborative Intrusion Detection
join http://www.dshield.org
msg10009/pgp00000.pgp
Description: PGP signature
