Hi all, I have a deployment in which a VPNC is used for terminating IPSec tunnels from other locations, but it also works as the main router and one of its ports is configured as WAN with a public IP address.
On the other side, there are many LAN ports with different VLAN and I want to restrict user traffic to streaming, social networking, etc. I already turned on DPI and WebCC in the VPNC and made a policy restricting web categories streaming and social networking.
After doing that, I applied this policy to a new trusted LAN interface (new VLAN also) that I setup for testing purposes, but test clients connected through an unnamaged switch to the VPNC's test LAN interface are still able to open YouTube, Facebook, etc.
What do you think I could be missing here?
Regards.
------------------------------
Abdel Castro Perpuli
------------------------------