I have a Bm 3.6 server running client/site VPN. If a user connects
from
home via his ATT/Comcast cable modem, and then visits an external
site,
the address leaving my network shows up as his Comcast address. This
is a
problem for some of our security personel though, and they'd like me
to
block anything but local addresses from leaving the local network.

The VPN is configured to encrypt all IP traffic to avoid having
"split"
secure/non-secure traffic. Other than encrypting on the local network,
is
there any way around this? My understanding is that if you use a Cisco

VPN you are assigned a local network address. Is there a way to
configure
this with BM?

Thanks for your help.