Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

VPN Connection


  • Please log in to reply
2 replies to this topic

#1 how2compute

how2compute

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:59 PM

Posted 12 February 2015 - 04:49 PM

This is my first post on here and it will probably be more words than needed. Just trying to give all information in the original post.

 

Here’s the situation. I subcontract for several companies and I need to be connected to one of the business networks via OpenVPN for most of the day. However, I only want the necessary, work related (related to that company) traffic going through their network. 

 

I thought I understood the basic technology of a VPN but apparently I’m missing something. I’m a bit confused as to what is happening with the traffic when connected. I connect using OpenVPN (the .crt & key was provided by the company).

 

I know that I am on their local network as when I connect I get a small pop up from OpenVPN “Client is now connected: Issued IP 10.xx.xx.xx (It is a private ip, non-routable) I can connect to local shares via Windows Explorer. Also, the reason for the connection is so that I can connect to software via my browser by entering a local ip address and logging in. However, if I navigate to whatismyip.. it shows my local, home ip address, NOT the IP of the business I'm connecting to. In the same browser, I can connect to their local software via IP address and whatismyip shows my home IP address.

 

So, I have several questions.

 

Can you explain what is happening above? Is only traffic bound for certain IP's routing through the VPN? Is this a VPN setting?

 

Obviously I don’t want ALL of my traffic going through their network so to err on the side of safety,  I am considering one of the two techniques to err on the side of safety.

 

I have a work computer set up in my home office over in the corner (Windows). I connect to the work computer via RDP from a Mac.  Then on the Windows computer I connect via the VPN to the business. All work is done from the Windows computer via RDP and all personal and other work is done via my Mac. Both computers are on the same local network. Is my traffic separated using this method?

 

Another method I is a virtual machine (Using Parallels on Mac) where I have a Virtual “Work” computer (Windows) that is connected to a second network card that is accessing the guest network on my router. The Mac is connected to the "home" network.  The security setting in Parallels is set to “Isolate Windows from Mac”. I'm a complete novice with Wireshark but I have installed it on the Windows VM and cannot see any of my Mac traffic. So, Is my traffic separated using this method? 

 

Thoughts, suggestions, etc?

 

Thanks in advance!



BC AdBot (Login to Remove)

 


#2 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:12:59 PM

Posted 12 February 2015 - 06:14 PM

I believe what you are seeing is referred to as split tunnel vpn. 

http://en.wikipedia.org/wiki/Split_tunneling

 

A traditional vpn only allows vpn traffic only and no other access.  It is unclear to me how the OpenVPN connection is being used to establish the connection to this business network.  At my facility we have a vpn router that allows for client authentication.  Usually its just vpn access though with some software vendors we have it configured to do split tunnel so they can be connected to their server as well as ours.

 

It is also unclear why you think your personal traffic would be going through the vpn connection.  Odds are it isn't especially concerning internet access.  How about you connect via vpn and then post the results of a ipconfig /all. No need to hide anything since they will be private ip addresses which are not hackable. 



#3 how2compute

how2compute
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:59 PM

Posted 12 February 2015 - 06:37 PM

Ah, you have answered my question. Split tunneling makes sense.

 

As to why I thought all personal traffic would go through the vpn connection... I was thinking of vpn services such as ProXPN that route all "internet traffic" through their servers. I see the difference.

 

Thanks for your help!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users