Results 1 to 10 of 10

Thread: Web with VPN

  1. #1
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Web with VPN

    I've a DSL connection at home. When I connect to the corporate VPN I'm unable to access any web page. I don't know what info is needed so please ask. I'll reply promptly.

  2. #2
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Web with VPN

    The proxy server at work is most likely blocking your access to the web page. And ONLY the IT support will be able to remove the block.

    Can you access the web page FROM work, but may be going through a different server?

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  3. #3
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Web with VPN

    Is your web browser configured to use a Proxy Server? If not then your employer's firewall will almost certainly be blocking your traffic.

    If there is a proxy server on the work network then you should configure your browser to use it. If there isn't then you or may not be able to work around the problem, depending on the VPN software in use. It may be possible to manually configure routes so that work related traffic is directed through the VPN and other stuff goes directly. This may very well be prohibited by your employer's security policy - so the proxy server is a better option.

    StuartR

  4. #4
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Web with VPN

    Yes, corporate does use proxy for all outgoing traffic. I would like to direct only corporate traffic across the VPN while all undesignated traffic uses my default gateway (dsl modem/router). Can this be done in Win2k? I don't have a need for my web traffic to pass through the corporate LAN, just Terminal Services, Citrix and the like.

  5. #5
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Web with VPN

    It is possible to use the ROUTE command to specify which traffic should use which network interface.

    Your VPN connection acts like a second network interface, and when the connection is set up it adds a set of routes so that all traffic will "prefer" to go through the tunnel.

    A suitable incantantation of ROUTE ADD commands will tell TCP/IP to send all traffic through your normal network interface, except for stuff to particular subnets (such as your employer's network). The exact commands you need to do this will depend on confidential information that you should probably not post here, such as the range of network addresses on your employers network. But the starting point will be to get the IP addresses of all the resources that you need to access on their network, and to use ROUTE PRINT to establish all your current routes. This is not for the faint hearted - and please remember what I said about possible conflict with your employer's security policy.

    StuartR

  6. #6
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Web with VPN

    I've checked with work and they don't have a problem with this. I was hoping this wouldn't come to manipulating routes manually. I've also verified that there is nothing in these routes that cannot be shared. It's all a DMZ. So, here's the output of route print when I am not connected to the VPN...
    ================================================== =========================
    Interface List
    0x1 ........................... MS TCP Loopback interface
    0x1000003 ...00 a0 cc e5 d6 72 ...... PCI Bus Master Adapter
    ================================================== =========================
    ================================================== =========================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 1
    127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
    192.168.0.0 255.255.255.0 192.168.0.2 192.168.0.2 1
    192.168.0.2 255.255.255.255 127.0.0.1 127.0.0.1 1
    192.168.0.255 255.255.255.255 192.168.0.2 192.168.0.2 1
    224.0.0.0 224.0.0.0 192.168.0.2 192.168.0.2 1
    255.255.255.255 255.255.255.255 192.168.0.2 192.168.0.2 1
    Default Gateway: 192.168.0.1
    ================================================== =========================
    Persistent Routes:
    None

    Now here's the output when I am connected...
    ================================================== =========================
    Interface List
    0x1 ........................... MS TCP Loopback interface
    0x1000003 ...00 a0 cc e5 d6 72 ...... PCI Bus Master Adapter
    0x6000004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
    ================================================== =========================
    ================================================== =========================
    Active Routes:
    Network Destination Netmask Gateway Interface Metric
    0.0.0.0 0.0.0.0 172.16.1.82 172.16.1.82 1
    0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 2
    127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
    172.16.1.82 255.255.255.255 127.0.0.1 127.0.0.1 1
    172.16.255.255 255.255.255.255 172.16.1.82 172.16.1.82 1
    192.168.0.0 255.255.255.0 192.168.0.2 192.168.0.2 1
    192.168.0.2 255.255.255.255 127.0.0.1 127.0.0.1 1
    192.168.0.255 255.255.255.255 192.168.0.2 192.168.0.2 1
    216.136.89.196 255.255.255.255 192.168.0.1 192.168.0.2 1
    224.0.0.0 224.0.0.0 172.16.1.82 172.16.1.82 1
    224.0.0.0 224.0.0.0 192.168.0.2 192.168.0.2 1
    255.255.255.255 255.255.255.255 192.168.0.2 192.168.0.2 1
    Default Gateway: 172.16.1.82
    ================================================== =========================
    Persistent Routes:
    None


    What should I do? I see the possibility of persistent routes. Is this worth while?

  7. #7
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Web with VPN

    We can do something with persistent routes, but give me a couple of days, as I am in a hotel with very limited internet access this week.

    StuartR

  8. #8
    2 Star Lounger
    Join Date
    Apr 2001
    Location
    Des Moines, Iowa
    Posts
    180
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Web with VPN

    I am a patient man. Thanks for your help.

  9. #9
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Web with VPN

    Try changing the Metric associated with the default route that goes via your employers network., using the syntax
    <code>ROUTE CHANGE 0.0.0.0 MASK 0.0.0.0 172.16.1.82 METRIC 10</code>

    This should increase the metric for this default route, so the other default route (with a metric of 2) should get used instead. If this totally screws up your network then restore the original route with
    <code>ROUTE CHANGE 0.0.0.0 MASK 0.0.0.0 172.16.1.82 METRIC 1</code>

    You will need to do this manually after establishing the VPN, unless the address of 172.16.1.82 is always the same.

    Let us know if it works

    StuartR

  10. #10
    5 Star Lounger
    Join Date
    Jan 2001
    Location
    Newark, New Jersey, USA
    Posts
    999
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Web with VPN

    what vpn software fo you use?
    Mike Wolfman
    Jack of all, Master of none
    Bow before me, for I am root.
    <IMG SRC=http://www.wopr.com/w3tfiles/112673-wolfsig.jpg>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •