How do I get VPN and regular Internet to work at same time?

tyanni

Senior member
Sep 11, 2001
This is by design. It's a bad idea to have the VPN and Internet working at the same time because if you get a virus or the like it can travel down the VPN tunnel and infect the work network. However, some places do allow you to surf while using the VPN; it's called "Split Tunneling", and you'd have to ask the person maintaining the VPN to enable it.


Tim
 

wanderer27

Platinum Member
Aug 6, 2005
There should be an option in the VPN software to allow access to local LAN. You may be able to get regular Internet through that.

 

spidey07

No Lifer
Aug 4, 2000
Originally posted by: wanderer27
There should be an option in the VPN software to allow access to local LAN. You may be able to get regular Internet through that.

This is normally controlled by the VPN concentrator.

Allowing split-tunneling as tyanni described is a network no-no. Doubtful there is any way around it. The policy is controlled by the VPN concentrator. The client doesn't have a say in it.
 

vo

Golden Member
Dec 10, 2002
Are you talking about a single computer or a home network?
For a single computer, I don't think there is any other way around except what spidey07 said.
For a home network, just use a switch to separate the VPN and your home network.
I just don't understand one thing: why I cannot access my VPN through my routers (I tried both Dlink and Buffalo). It's connected but I cannot do anything.
If I just use a switch then no problem.
 

kevnich2

Platinum Member
Apr 10, 2004
On my own work's VPN connection, I have the Windows client set up in Network Connections and there's a place to uncheck "use remote gateway on network" for the VPN connection. After doing this, my computer only transmits traffic on the VPN connection that is supposed to be for the VPN. Regular Internet traffic doesn't flow through the VPN.
 
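The checkbox kevnich2 mentions ("Use default gateway on remote network") decides whether the client adds a default route through the tunnel, and the resulting routing table is what makes a configuration a full tunnel or the split tunnel the rest of the thread argues about. The following is an added example written for this page, not code from any poster or VPN vendor: it models the client's routing table in both states, resolves a destination the way a host does (longest prefix match, then lowest metric), and classifies a routing table as full, split, or no tunnel. It also parses the common shape of Linux `ip route show` output so the same check can be run against a real host; the OpenVPN-style `0.0.0.0/1` and `128.0.0.0/1` routes in the sample show why a full tunnel wins over the existing default route without touching it. All addresses, interface names and metrics are constructed, and the Windows route set is a simplified model of what the client installs.

```python
import ipaddress
from dataclasses import dataclass

# Constructed probe address (TEST-NET-3) standing in for "somewhere on the Internet".
PUBLIC_PROBE = "203.0.113.10"


@dataclass(frozen=True)
class Route:
    prefix: ipaddress.IPv4Network
    dev: str          # interface the packet leaves on
    metric: int = 0   # lower wins when prefix lengths tie


def parse_ip_route(text):
    """Parse the common shape of Linux `ip route show` lines into Route objects.
    Handles 'default' and 'a.b.c.d/nn' destinations plus an optional 'metric N'."""
    routes = []
    for line in text.strip().splitlines():
        fields = line.split()
        if not fields:
            continue
        dst = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        dev = fields[fields.index("dev") + 1]
        metric = int(fields[fields.index("metric") + 1]) if "metric" in fields else 0
        routes.append(Route(ipaddress.ip_network(dst, strict=False), dev, metric))
    return routes


def egress_dev(routes, dst):
    """Interface a packet to dst leaves on: longest prefix match, ties broken by lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r.prefix]
    if not matches:
        return None
    return max(matches, key=lambda r: (r.prefix.prefixlen, -r.metric)).dev


def windows_client_routes(use_remote_gateway):
    """Simplified model of a Windows VPN client's routes after connecting.
    Constructed addresses: 192.168.1.0/24 is the home LAN, 10.10.0.0/16 the corporate network."""
    routes = [
        Route(ipaddress.ip_network("0.0.0.0/0"), "wifi", 25),      # home router default route
        Route(ipaddress.ip_network("192.168.1.0/24"), "wifi", 25),
        Route(ipaddress.ip_network("10.10.0.0/16"), "vpn", 1),     # pushed by the concentrator
    ]
    if use_remote_gateway:
        # The checkbox adds a second default route through the tunnel with a better metric,
        # so everything not on the home LAN now goes to the office first.
        routes.append(Route(ipaddress.ip_network("0.0.0.0/0"), "vpn", 1))
    return routes


def classify(routes, tunnel_devs):
    """'full' if Internet-bound traffic leaves via the tunnel, 'split' if it leaves via a
    local interface while a tunnel route exists, 'none' if no tunnel route is installed."""
    if not any(r.dev in tunnel_devs for r in routes):
        return "none"
    return "full" if egress_dev(routes, PUBLIC_PROBE) in tunnel_devs else "split"


# Constructed `ip route show` output for a Linux client with an OpenVPN-style full tunnel:
# the two /1 routes are more specific than 'default', so they win without replacing it.
OPENVPN_FULL_TUNNEL = """
0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50 metric 600
"""

# Constructed output for the same client when only the corporate prefix is routed.
OPENVPN_SPLIT_TUNNEL = """
default via 192.168.1.1 dev wlan0 proto dhcp metric 600
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
10.10.0.0/16 via 10.8.0.1 dev tun0
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.50 metric 600
"""

if __name__ == "__main__":
    for label, routes in (("checkbox on", windows_client_routes(True)),
                          ("checkbox off", windows_client_routes(False))):
        print(f"Windows, {label}: {classify(routes, {'vpn'})} tunnel; "
              f"Internet via {egress_dev(routes, PUBLIC_PROBE)}, office via {egress_dev(routes, '10.10.5.5')}")
    print("Linux sample 1:", classify(parse_ip_route(OPENVPN_FULL_TUNNEL), {"tun0"}))
    print("Linux sample 2:", classify(parse_ip_route(OPENVPN_SPLIT_TUNNEL), {"tun0"}))
```

On a real Linux host, feed the output of `ip route show` to `parse_ip_route` and pass the tunnel interface name to `classify`; a "split" result means the host is reachable from the Internet and the corporate network at the same time, which is the condition the concentrator policy discussed later in the thread exists to prevent.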

InlineFive

Diamond Member
Sep 20, 2003
Originally posted by: vo
Are you talking about a single computer or a home network?
For a single computer, I don't think there is any other way around except what spidey07 said.
For a home network, just use a switch to separate the VPN and your home network.
I just don't understand one thing: why I cannot access my VPN through my routers (I tried both Dlink and Buffalo). It's connected but I cannot do anything.
If I just use a switch then no problem.

Most routers have a function called IPSec/PPTP/L2TP Passthrough which you must enable in order for this to work properly.
 

dmcowen674

No Lifer
Oct 13, 1999
Thanks guys, that's the missing equation.

Before I just added a switch and set up two connections, now I am on Wi-Fi and don't have that option.

Brain fart on my part, must be getting old.
 

vo

Golden Member
Dec 10, 2002
Originally posted by: InlineFive
Originally posted by: vo
Are you talking about a single computer or a home network?
For a single computer, I don't think there is any other way around except what spidey07 said.
For a home network, just use a switch to separate the VPN and your home network.
I just don't understand one thing: why I cannot access my VPN through my routers (I tried both Dlink and Buffalo). It's connected but I cannot do anything.
If I just use a switch then no problem.

Most routers have a function called IPSec/PPTP/L2TP Passthrough which you must enable in order for this to work properly.

Well, I got to show my ignorance here ... but how do I enable IPSec/PPTP/L2TP Passthrough ... my router is a DI-514.
 

bwanaaa

Senior member
Dec 26, 2002
well, the whole concept of 'split tunnelling' sounds bogus. if you get infected while on the net and then get on your vpn, the virus gets out onto your lan just as easily. Simply because it doesn't have simultaneous access to the lan and vpn, does not mean your vpn is safe. so really, why is it there? my guess is that it has something to do with bandwidth.
 

tyanni

Senior member
Sep 11, 2001
think - if your computer is hacked while you are on the internet, and there is a connection back to your work network...
 

InlineFive

Diamond Member
Sep 20, 2003
Originally posted by: tyanni
think - if your computer is hacked while you are on the internet, and there is a connection back to your work network...

Of course there is also a chance that the laptop could be hacked while not on corporate VPN, and then infect the network.

But I think an even better course of action would be to always have the laptop connect to HQ via VPN. Then all traffic is routed through HQ and screened/protected.
 

bwanaaa

Senior member
Dec 26, 2002
Originally posted by: tyanni
think - if your computer is hacked while you are on the internet, and there is a connection back to your work network...


why would it be easier for someone to get into your vpn WHILE U R ON IT?! it would be much easier to plant a trojan on your pc from the net. then LATER, when u think u are secure and vpn to work, the trojan goes there. the trojan then email harvests your lan and gets out from any port/machine it happens to be on - even if your box is shut down or bogged down running the bot. also the likelihood that you are on both connections SIMULTANEOUSLY is orders of magnitude less than asynchronous connection.

i think vpn software should have a built in nat firewall so that only applications initiating the vpn can access its port. of course that would mean logging off the vpn every time you wanted to change applications using the mother ship.
 

InlineFive

Diamond Member
Sep 20, 2003
Originally posted by: bwanaaa
Originally posted by: tyanni
think - if your computer is hacked while you are on the internet, and there is a connection back to your work network...


why would it be easier for someone to get into your vpn WHILE U R ON IT?! it would be much easier to plant a trojan on your pc from the net. then LATER, when u think u are secure and vpn to work, the trojan goes there. the trojan then email harvests your lan and gets out from any port/machine it happens to be on - even if your box is shut down or bogged down running the bot. also the likelihood that you are on both connections SIMULTANEOUSLY is orders of magnitude less than asynchronous connection.

i think vpn software should have a built in nat firewall so that only applications initiating the vpn can access its port. of course that would mean logging off the vpn every time you wanted to change applications using the mother ship.

That's why I mentioned that it would be better to have the laptop automatically "call home" whenever it gets internet access. That way you don't have to worry about malware because all of the laptop's traffic is going through the screeners at HQ.
 

spidey07

No Lifer
Aug 4, 2000
Originally posted by: bwanaaa
Originally posted by: tyanni
think - if your computer is hacked while you are on the internet, and there is a connection back to your work network...


why would it be easier for someone to get into your vpn WHILE U R ON IT?! it would be much easier to plant a trojan on your pc from the net. then LATER, when u think u are secure and vpn to work, the trojan goes there. the trojan then email harvests your lan and gets out from any port/machine it happens to be on - even if your box is shut down or bogged down running the bot. also the likelihood that you are on both connections SIMULTANEOUSLY is orders of magnitude less than asynchronous connection.

i think vpn software should have a built in nat firewall so that only applications initiating the vpn can access its port. of course that would mean logging off the vpn every time you wanted to change applications using the mother ship.

Your idea is common best practice for security. That's the concern and why you never allow split-tunneling and enforce a host based firewall (and policy) from the VPN concentrator.

Defense in depth. Allow only what you specifically allow. Allowing split-tunneling is a no-no in network security. Bad mojo.
 

dmcowen674

No Lifer
Oct 13, 1999
Originally posted by: spidey07
Originally posted by: wanderer27
There should be an option in the VPN software to allow access to local LAN. You may be able to get regular Internet through that.

This is normally controlled by the VPN concentrator.

Allowing split-tunneling as tyanni described is a network no-no. Doubtful there is any way around it. The policy is controlled by the VPN concentrator. The client doesn't have a say in it.

Originally posted by: wanderer27
There should be an option in the VPN software to allow access to local LAN. You may be able to get regular Internet through that.
OK I'm back on this.

A bunch of guys are having to use up two computers because of this, one for the VPN work and the other up for E-mail and access to other data that is through a website with a username and password.

Local LAN is turned off on the VPN.

Anyone have any idea of how to get at least E-mail working for starters?
 

RebateMonger

Elite Member
Dec 24, 2005
I almost always use (Windows) server-based VPNs, so I'm hardly an expert on VPN hardware. I can tell you that when you use a Windows Server VPN, you can set up the VPN so that the VPN clients can access the Internet through the remote (VPN) network.

My remote VPN Server is an SBS 2003 with ISA 2004 installed. Using the default VPN settings, I can access the Internet through the remote (VPN) network without using Split Tunneling.

I imagine there's a way to do this with a hardware-based VPN configuration. I just don't know what it is. :(
 

Schoolies

Senior member
Oct 9, 1999
Originally posted by: kevnich2
On my own work's VPN connection, I have the Windows client set up in Network Connections and there's a place to uncheck "use remote gateway on network" for the VPN connection. After doing this, my computer only transmits traffic on the VPN connection that is supposed to be for the VPN. Regular Internet traffic doesn't flow through the VPN.

This solution works fine... I don't understand why you would need to go into "split-tunneling"?

Also, second question and instead of making another thread I'll throw it in here:

I would like to know why most people set up VPN tunnels. As far as my limited experience with VPNs goes, they are very slow and are only good for transferring small documents and/or security for an RDP session or something similar. Please note: "limited experience".
 

her209

No Lifer
Oct 11, 2000
Originally posted by: kevnich2
On my own work's VPN connection, I have the Windows client set up in Network Connections and there's a place to uncheck "use remote gateway on network" for the VPN connection. After doing this, my computer only transmits traffic on the VPN connection that is supposed to be for the VPN. Regular Internet traffic doesn't flow through the VPN.
This works fine on a Windows Server OS running the VPN services. When I do this and try to connect to a Cisco VPN appliance, specifically a PIX 501, it doesn't allow me to connect unless it's checked. I think this has more to do with the fact that the PIX 501 is also the gateway and it cannot route Internet-bound traffic to itself. Although I've never tried it, I assume that adding a new gateway to the remote network would fix the "issue".
 

Fardringle

Diamond Member
Oct 23, 2000
Originally posted by: Schoolies
I would like to know why most people set up VPN tunnels. As far as my limited experience with VPNs goes, they are very slow and are only good for transferring small documents and/or security for an RDP session or something similar. Please note: "limited experience".

I can answer this question with one simple word:

Security.


Companies sometimes need to give their employees access to the internal corporate network while the users are not actually on the network. A VPN connection allows the users to access network resources using encryption and authentication that will help prevent unauthorized access to the network.

Speed has nothing to do with the equation, since securing the data is far more important than the speed at which the data is transferred, and when properly implemented a VPN tunnel won't be noticeably slower than a completely unsecured transfer on the same Internet connection.

 

HannibalX

Diamond Member
May 12, 2000
Originally posted by: bwanaaa
well, the whole concept of 'split tunnelling' sounds bogus. if you get infected while on the net and then get on your vpn, the virus gets out onto your lan just as easily. Simply because it doesn't have simultaneous access to the lan and vpn, does not mean your vpn is safe. so really, why is it there? my guess is that it has something to do with bandwidth.

When you are on VPN all your traffic goes in and out of your company's firewall. The chances of infection are less.
 

Schoolies

Senior member
Oct 9, 1999
Originally posted by: Fardringle
Companies sometimes need to give their employees access to the internal corporate network while the users are not actually on the network. A VPN connection allows the users to access network resources using encryption and authentication that will help prevent unauthorized access to the network.

Speed has nothing to do with the equation, since securing the data is far more important than the speed at which the data is transferred

I understand it accomplishes the need of security and giving remote users access to files but...

Originally posted by: Fardringle
when properly implemented a VPN tunnel won't be noticeably slower than a completely unsecured transfer on the same Internet connection.

Even if the VPN is set up properly like you said, transferring a 5MB or 10MB file across it is slowwww... going from a fast LAN connection to a slow WAN connection.