Solved

cannot browse in IE while connected to cisco VPN

Posted on 2006-11-06
18
1,829 Views
Last Modified: 2013-11-16
I am connected to the vpn of a customer using the cisco vpn client ; when I am connecte dI am not able to browse internet ;any idea  why ?
0
Comment
Question by:royalcyber
18 Comments
 
LVL 43

Accepted Solution

by:
Steve Knight earned 500 total points
ID: 17885078
It has probably got an enforced policy that your local network is disconnected while connected via VPN for 'security'.  I tend to use a seperate VMWARE machine for each customer for their and my security and seperation and then I can connect back to my host machine for swapping files through specific shared file mappings without dropping the VPN and also keep on the local LAN and the internet on the host machine.  If it is a policy they have configured as part of the link I don't think there is a lot you can do about it short of something like the above.

0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17885092
(It could also be down to routing, i.e. the default route is heading through the VPN).
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17885350
yes,  this shoudl be your issue

in modify or properties of your connection entry, go to the Transport tab and at the bottom check off Allow Local LAN Access

tell me if that works
0
 
LVL 4

Expert Comment

by:PaulRKrueger
ID: 17885369
That or the administrator is not passing a DNS address when they pass the new IP to you.
0
 
LVL 13

Expert Comment

by:prashsax
ID: 17885399
That is because your default gateway has been modified to point to the local network to which you are connecting.

So, now if you want to access internet, you need to configuring our browser to use proxy server in the remote network.

To see the changes, do this:
open DOS prompt.

Before connecting VPN.
print route > c:\vpnb.txt

Now connect the vpn.
print route > c:\vpna.txt

Both these files will contain your routing table before and after the VPN is connected.

0
 
LVL 12

Expert Comment

by:Freya28
ID: 17885410
yeah, but he should not use internet access through the end point.  he should only be passing LAN traffic through the tunnel.  being that he has internet access already there is no sense to browse through the tunnel back out through the enpoints internet access.  he should be using his own gateway for standard internet browsing.
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17885420
he should not have to make any other change but the one i recommended.  but lets see what he says
0
Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

 
LVL 12

Expert Comment

by:Freya28
ID: 17885471
if what i recommended earlier doesnt work, then i would check the cisco endpoint and see if that vpn group is also configured for split tunneling.

http://www.webopedia.com/TERM/S/split_tunneling.html
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17885520
Thats what I was getting at I think (not familiar wit the other end in this case).  i.e. if the other end is enforcing such as setting then you can't easily override your end.
0
 

Author Comment

by:royalcyber
ID: 17885537
when i check off Allow Local LAN Access; than I could connect to the yahoo messenger

but still cannot connect to google.com
0
 
LVL 12

Expert Comment

by:Freya28
ID: 17885557
hate to ask,  but did you disconnect the client and then reestablish the vpn connection?  and were you able to access the yahoo messanger before the change?
0
 
LVL 9

Expert Comment

by:FixingStuff
ID: 17885807
The older Cisco VPN client (around version 4.0.3 if I remember right) had various issues with LAN routing... At least in our environment.
You may want to try updating to the most recent client, if you have not already...
I'm on 4.8.01.0300 with no issues. We had a few clients on the older one with similar issues.
FS-
0
 
LVL 7

Expert Comment

by:instillmotion
ID: 17885872
Most probably your client has not configured split tunneling on their vpn device.
0
 
LVL 5

Expert Comment

by:drawlin
ID: 17887127
Yea, it's split tunneling.  I don't allow it on my firewall VPN connections.  It creates a backdoor to the Internet for network you a VPN'ed into.
0
 
LVL 43

Expert Comment

by:Steve Knight
ID: 17887293
So sound like  what I said in post #1 then really aside from the specific name of the function - I.e. you are in the hands of the people you are connecting to.

Make your life easier download vmware of virtual pc, bung in a 2000 or XP disc and setup a second OS to run the VPN on your existing machine (2000 uses less memory better if it is limited)

If I was your customer I wouldn't want a foreign network connected directly with mine like this either, it is fairly common practice, in fact on all corporate VPNs I connect to it is the case
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
OpenView NNM: Global Manager to Regional Manager connection fails 7 55
Super Scope, DHCP 5 51
Network Router- Access control List 4 53
network error 8 33
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now