VPN Question - Will not let me connect to anything else when VPN is connected.

[pilla75]

I am using CISCO 5.0.07 VPN to connect to work.
When I connect to VPN it does not let me connect to any other websites basically it cuts off all other internet access.
Checked with the networking guy at work and he says it's on my end and nothing on their end.
I tried on 3 Win7 machines and 1 XP machine all with the same results - will not let me connect to anything else when I am on VPN.

Is there a setting on the VPN software itself that I am missing? or is it an OS setting?

Also tried Shrewsoft VPN without any luck.
Thanks
Pilla

 

[theevilsharpie]

In your VPN connection properties under the Transport tab, ensure that Allow Local LAN access is checked.

 

[boochi]

Create a virtual machine on your pc and setup the vpn connection inside that guest os. Windows 7 Professional and Ultimate include a free copy of XP for use in "XP Mode".

 

[pilla75]

Thanks theevil. I tried the setting but it behaves the same.

Thanks boochi. Are you suggesting something like Logmein?

 

[seepy83]

OP - it really sounds like your network admin has split tunneling disabled. I know s/he told you that it's on your end, but what you're describing is a pretty common VPN configuration.

Cue all of the know-it-all's that think disabling split tunneling is useless and is not necessary for network security, and the ensuing 3 page argument for or against it.

 

[boochi]

No, the virtual machine has it's own operating system running in a window within your current os. Your host machine will share it's internet connection and act like a router with the virtual machine through NAT. Setting up the VPN connection on the virtual machine will have no effect on traffic on the host with the exception of what it passes from the virtual machine. Check out the link for XP Mode (Virtual PC) or you can use VMware Player or VirtualBox if you have an extra copy of XP around.

http://www.microsoft.com/windows/virtual-pc/download.aspx

http://www.vmware.com/products/player/

https://www.virtualbox.org/

 

[bobdole369]

Agreed. Basically: When connected to VPN, you cannot surf. Period.

Unless you set up a VM and use the VPN client and software inside that.

 

[pilla75]

Thanks Seepy.

Client is an apple shop and apparently they don't have this issue with their MACS.
It's an issue only for people like me who use a PC to VPN.

 

[pilla75]

Bobdole- it's just not surfing.
If I want to query the Oracle database using a tool like TOAD while connected to VPN - It cannot connect.

 

[gsaldivar]

Boochi has the solution. I use this method to maintain several separate, isolated VPN connections on the same machine without affecting my LAN traffic.

 

[pilla75]

Boochi- Will give it a shot

 

[pmark]

I'm having this same issue, did you ever resolve this?

 

[pilla75]

Did not try Boochi's suggestion. I figured out that I will not be able to connect to Oracle DB via even if I followed Boochi's suggestion.
I am trying to convince my network admin to check/enable split tunneling.

 

[yinan]

They will never enable split tunneling if they are any sort of smart and/or competent.

 

[pilla75]

They will never enable split tunneling if they are any sort of smart and/or competent.

I know nothing about VPN that's the reason I posted my issue.

So do you know why I am not able to access other websites or any other connections (like querying a db) when I am connected to VPN?
Is there are a configuration/setting on the server side or client side that we are missing?
Thanks

 

[spidey07]

I know nothing about VPN that's the reason I posted my issue.

So do you know why I am not able to access other websites or any other connections (like querying a db) when I am connected to VPN?
Is there are a configuration/setting on the server side or client side that we are missing?
Thanks

It's set on the VPN concentrator by policy, you can't change it.

This is very normal behavior and how almost all VPNs are set up.

 

[pilla75]

Normal behavior? wow!!!
Worked with quite a few clients in the last 10-12 yrs and this is the only one I am having this kind of issues.
What's the use of VPN when it does not allow querying the database using a desktop client like toad or sql plus?

 

[spidey07]

Normal behavior? wow!!!
Worked with quite a few clients in the last 10-12 yrs and this is the only one I am having this kind of issues.
What's the use of VPN when it does not allow querying the database using a desktop client like toad or sql plus?

The purpose of a VPN is to allow you to securely connect to internal network resources over a public network such as the internet as if you were a true internal host. And when you're connected you are not allowed to communicate with non-internal hosts as that would defeat the purpose of the VPN. The P in VPN is for Private.

 

[bobdole369]

I agree with spidey here. Any client that allows split tunneling, or even traffic outside the VPN subnet (yes even to local subnet hosts) is broken. It is no longer private. Your client is working as designed. In other words, there is no problem. You have been using broken clients over the past 10-12 years. Almost all decently well-designed clients won't let you do anything besides talk to the VPN when connected. Currently (at a less critical company where we don't touch the financials) - they use a juniper SSL VPN device that does allow split tunneling. I suspect these get more common.

 

[pilla75]

OK. Here is the deal.
Checked with the admin again.
Like I said they are a MAC shop and they use a mac tool for VPN and using that tool they can access other websites and do anything they want.
The problem is only when using PC based VPN tools.

 

[RecoveringGeek]

I am using CISCO 5.0.07 VPN to connect to work.
When I connect to VPN it does not let me connect to any other websites basically it cuts off all other internet access.
Checked with the networking guy at work and he says it's on my end and nothing on their end.
I tried on 3 Win7 machines and 1 XP machine all with the same results - will not let me connect to anything else when I am on VPN.

Is there a setting on the VPN software itself that I am missing? or is it an OS setting?

Also tried Shrewsoft VPN without any luck.
Thanks
Pilla

Your Pix / ASA admin is not allowing split tunneling. It's a security measure that doesn't allow you to route traffic over your home network. The easiest way to fix this is to ask for them to turn on split tunneling. Good luck with that.