Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Cisco VPN client sw.  Do all packets go to corporation?

Posted on 2004-10-21
Medium Priority
Last Modified: 2010-04-12
I run a cisco vpn client on company computer hooked into cable and router.

I had thought that only 'company traffic' goes thru the vpn software and into company servers, with the non company traffice (yahoo, pop3 mail, etc) going normally thru the public internet. Recently, someone told me that everything I do on the client ends up being routed to company machine.  Do they see when I go to ebay during the day?

Is this right?  Why would the company even want to bother with traffic that it doesn't want encrypted, or isn't even interested in?

Question by:joemz
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 79

Expert Comment

ID: 12380531
Two ways to think about remote VPN users -
1) allow them to connect and ONLY the traffic between the client and your company network gets encrypted and sent through the VPN. Don't care what they do on the Internet while connected.
2) While connectd to the company LAN by VPN, the remote client is treated just like any other PC on the network. The company has every right to monitor what you do on the internet while on their network. Some even block it alltogether. While you are on the VPN, you must be doing company business, and your internet access is blocked. You want to check out an auction on Ebay, drop the VPN first.

Are you allowed to shop ebay during the day if you are at work?

How can you tell with the client? While connected to the VPN, right-click the little yellow lock, Click Status | Statistics | Route Details
If you see in Secured subnets, then everything you do goes through the company and they can tell what you did on the Internet.
If you only see your company LAN in the Secured subnets, then only the traffic to/from that subnet will be encrypted and sent through the VPN. Your normal browsing goes out your own internet connection and the company does not care what you do.

Author Comment

ID: 12380703
Just a followup

When I'm in the corporate office, I dont need a vpn, but i can't browse to public web sites

here at home I can go anywhere even while the vpn is running

the secured routes look like this:

network                                               subnet
yy.0.0.0                                        think this is company ip address
nnn.nnn.nnn.nnn                        company vpn ip address                              i assume its my local, home, network
xxx.xxx.xxx.xxx                          an IP address i don't recognize, and timeouts when i ping it

so, what does this all ad up to?
LVL 79

Expert Comment

ID: 12380739
Looks like only the traffic that goes to the company LAN goes through the VPN tunnel.
They don't see anything else you do while connected.
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.


Author Comment

ID: 12380875
Gotcha.  In english, does the subnet stuff mean that any address starting with yy, and any address starting with nnn.nnn will be secured?

and anything going to xxx.xxx.xxx, which is someplace I don't even know

why is my local lan on a secure route?

LVL 79

Accepted Solution

lrmoore earned 1000 total points
ID: 12381067
Yes. All traffic between your PC (that's why your subnet is listed) and these subnets will be secured in the VPN tunnel

Author Comment

ID: 12381115
Great answer, great explanation. and Quick



Featured Post

[Webinar] Lessons on Recovering from Petya

Skyport is working hard to help customers recover from recent attacks, like the Petya worm. This work has brought to light some important lessons. New malware attacks like this can take down your entire environment. Learn from others mistakes on how to prevent Petya like worms.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question