I have two buildings, each with a server. There is a router at each facility connecting each location via PRN through Qwest. Not sure if it makes a difference but one is in Mexico, one is in Texas. We have the mexico subnet using the texas proxy server for the internet but when they try to access, they are getting 403 forbidden. We have given them rules to access the internet. On the logger screen of the BorderManager server(Texas) it says:
AUTHCHK.NLM: IP Address attempted to Spoof 148.235.xxx.25

When we see this, the users are forbidden. The 148 address is the public address of the router in mexico. I have talked to Cisco and they are not able to give me a solution.