Cisco VPN client sw. Do all packets go to corporation?

I run a cisco vpn client on company computer hooked into cable and router.

I had thought that only 'company traffic' goes thru the vpn software and into company servers, with the non company traffice (yahoo, pop3 mail, etc) going normally thru the public internet. Recently, someone told me that everything I do on the client ends up being routed to company machine.  Do they see when I go to ebay during the day?

Is this right?  Why would the company even want to bother with traffic that it doesn't want encrypted, or isn't even interested in?

joemzAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
Yes. All traffic between your PC (that's why your subnet is listed) and these subnets will be secured in the VPN tunnel
yy.0.0.0
nn.nn.0.0
xxx.xxx.xx.0
0
 
lrmooreCommented:
Two ways to think about remote VPN users -
1) allow them to connect and ONLY the traffic between the client and your company network gets encrypted and sent through the VPN. Don't care what they do on the Internet while connected.
2) While connectd to the company LAN by VPN, the remote client is treated just like any other PC on the network. The company has every right to monitor what you do on the internet while on their network. Some even block it alltogether. While you are on the VPN, you must be doing company business, and your internet access is blocked. You want to check out an auction on Ebay, drop the VPN first.

Are you allowed to shop ebay during the day if you are at work?

How can you tell with the client? While connected to the VPN, right-click the little yellow lock, Click Status | Statistics | Route Details
If you see 0.0.0.0 in Secured subnets, then everything you do goes through the company and they can tell what you did on the Internet.
If you only see your company LAN in the Secured subnets, then only the traffic to/from that subnet will be encrypted and sent through the VPN. Your normal browsing goes out your own internet connection and the company does not care what you do.
0
 
joemzAuthor Commented:
Just a followup

When I'm in the corporate office, I dont need a vpn, but i can't browse to public web sites

here at home I can go anywhere even while the vpn is running

the secured routes look like this:

network                                               subnet
yy.0.0.0                                           255.0.0.0       think this is company ip address
nnn.nnn.nnn.nnn                               255.255.0.0   company vpn ip address
192.168.0.0                                      255.255.255.0  i assume its my local, home, network
xxx.xxx.xxx.xxx                                  255.255.255.0  an IP address i don't recognize, and timeouts when i ping it

so, what does this all ad up to?
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
lrmooreCommented:
Looks like only the traffic that goes to the company LAN goes through the VPN tunnel.
They don't see anything else you do while connected.
0
 
joemzAuthor Commented:
Gotcha.  In english, does the subnet stuff mean that any address starting with yy, and any address starting with nnn.nnn will be secured?

and anything going to xxx.xxx.xxx, which is someplace I don't even know

why is my local lan on a secure route?

0
 
joemzAuthor Commented:
Great answer, great explanation. and Quick

Perfect.

Thanks
0
All Courses

From novice to tech pro — start learning today.