?
Solved

Multiple connections with VPN needed

Posted on 2002-06-13
3
Medium Priority
?
278 Views
Last Modified: 2010-04-11
Okay, I've seen parts of this posted in other questions but havent been able to put it all together.

I havea cable modem that Im connected to thru a linksys router (dont think thats part of it thou). I have set up a VPN to get into a clients machine. When I connect to the VPN network my normal interent connection is lost. The moment I disconnect from VPN it is restored.

How can I have both? I want to be able to get to lotus notes, email, etc will in the VPN. How can I share?

I have WIn2k.

Thanks
0
Comment
Question by:Oshrin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 63

Expert Comment

by:SysExpert
ID: 7076005
Here are some relevant comments from a similar Q.

From: mbruner  Date: 06/13/2002 08:25AM PST  
The reason your tracert shows your traffic going through your works Internet connection is that your
VPN has been setup to not allow split tunnelling.  It is done to help insure that someone doesn't bring
unauthorized traffic into the company network through an unsecured Internet connection.  Manually changing
your default gateway could cause your VPN connection to quit functioning or not establish at all.

The first thing to do should be to briefly try playing with your Outlook Express account settings.  
The "550 Relaying to <whoever> prohibited" typically means that your email server requires you to log
in before it will send email for you.  Here is a link to a very brief Q article on Microsoft's web-site
explaining the steps to get this working:

http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q197869&LN=EN-US&rnk=1&SD=tech&FR=0&qry=relaying%20prohibited&src=DHCS_MSPSS_tech_SRCH&SPR=OEX&

There are some ISP's out there that require their email users to access their accounts from a machine
using the ISP's IP address range.  If your VPN connection doesn't allow split tunnelling, then you will
be trying to attach to your email server using your works IP address and not the one the ISP assigned
to you.  This is likely the cause of your problem.  If so, then there isn't a lot you can do other than
disconnect from your VPN session and check your mail.  

I once saw some weird relaying errors with an email server that was caused by the client machine's Internet
domain name being different than what it expected.  It may be possible for a VPN connection to change
your machines Internet domain name (e.g. experts-exchange.com) when setting up system parameters for
the VPN connection.  If the above steps don't would, you could try manually setting your Internet domain
name on your PC.  This typically overrides settings provided by DHCP.  Please note that I have only
seen this once, and I can't remember what email server they were running, so this suggestion is a major
shot in the dark.

My last suggestion would be to call your email provider, or the software company that wrote your email
server.  It is very likely that they have seen this before and could probably have you working in a
matter of minutes.

Hope it helps.  Good luck!  
Comment
From: mbruner  Date: 06/13/2002 08:33AM PST  
Also, to better answer if there is a way around the VPN connection's no-split tunnelling requirement,
it depends on your VPN connection.  If your work uses an enterprise level VPN server / concentrator,
then you probably can't get around it.  You can try changing your default gateway, but I really doubt
it will help.

You could alway try calling your works Network or Security Admins to see if you would allow you to do
split tunnelling.  Don't get your hopes up, but you never know...  

see

http://www.experts-exchange.com/winntnet/Q_20311059.html

I hope this helps !

0
 
LVL 63

Accepted Solution

by:
SysExpert earned 800 total points
ID: 7076018
More info :

From: tmirra
 When connecting thru a VPN is the user able to terminate the VPN client software and still have access    to the internet thru the ISP? Also, and this is more of a legal question but I want to know how other   companies are dealing with this. If the answer to the first part of my question is yes. Then can my     company be held liable for what someone does on the internet, i.e. download pornography? How are other    companies handling this.
                                       
 From: lrmoore            Date: 04/23/2001 06:10PM PST
     Yes. It is called "split tunneling". The simplest way to do it is to un-check the box to "use default gateway on remote network" from the TCP/IP settings when setting up the MSoft VPN (PPTP) client. Other    client software has other methods.

    >can my company be held liable for what someone does on the internet
  Not if you are not providing them Internet access through your corporate Internet connection, but they   are using a dial-up ISP account.
  If you do allow them access, then you should monitor the traffic and immediately fire anyone caught        violating company policies. Having a written policy is the biggest thing you can do to protect yourself.     Create an Internet Usage policy, and have everyone sign a statement to the effect that they have read    and understand..
                                       
  From: lrmoore        Date: 04/23/2001 06:41PM PST
   Not exactly, split-tunneling is where I first open a dial-up (or broadband) connection to the Internet,
     then open a second connection with the VPN client. Any traffic destined to/from the corporate network
       travels through the VPN, but all other normal web traffic bypasses the VPN and goes straight out through
         the ISP. If I don't enable split-tunneling, then when I make the VPN connection, ALL traffic tries to
        go through the tunnel and I will only be able to access the Internet sites allowed by the corporate
         policies enforced by firewalls, proxies, etc.
   Here is some information from several different vendors.

       http://www.nwfusion.com/newsletters/vpn/0823vpn2.html
    http://www.networkcomputing.com/922/922sp2.html
                                         http://www.skystone.com/warp/public/779/largeent/learn/technologies/vpn/ttalk_qna_0600.html
    http://www.infosecuritymag.com/articles/july00/features1b.

I hope this helps !
0
 

Author Comment

by:Oshrin
ID: 7076617
This is the part that worked for me....so simple!

thanks


Yes. It is called "split tunneling". The simplest way to do it is to un-check the box to "use default
                   gateway on remote network" from the TCP/IP settings when setting up the MSoft VPN (PPTP) client. Other
                      client software has other methods.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month15 days, 15 hours left to enroll

741 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question