?
Solved

Force VPN Connection Before Accessing Any Network

Posted on 2006-11-17
5
Medium Priority
?
1,120 Views
Last Modified: 2012-06-21

Hi Experts:

I'd like to force my travelling users to start the VPN before they log into a wireless (or wired) network.

So if one of my users travels to a hotel with a wide-open wireless network I want them to have to log in to the VPN b/f they can surf the Internet.

I've fiddled with bridging the two without success so I wonder if there is any freeware or windows settings that can require a VPN connection before a LAN is connected.

Any help would be appreciated.
0
Comment
Question by:ericbruntjen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Expert Comment

by:Smacky311
ID: 17966359
You will need a domain and you can disable cached account login through the domain.  Then users will be required to contact the domain controller prior to logging into their laptop.  Cisco VPN software allows "Start before login" and this allows them to login to the VPN at the control+alt+del screen for windows login.  

This will achieve the desired effect.
0
 
LVL 1

Author Comment

by:ericbruntjen
ID: 17966533

Thanks for the quick reply. The VPN isn't my own network so they can't authenticate into my domain from there. Its a good idea but I'm still hoping for something else.

I'm thinking of blocking IE and Outlook from the wireless adapter but not the VPN, that way they'd at least have incentive to log in to the VPN otherwise what would the point of connecting be? That might work in practice but in principle its pretty ugly.

E.
0
 
LVL 4

Accepted Solution

by:
Smacky311 earned 225 total points
ID: 17966707
What if you installed personal firewalls on the machines that blocked all ports outside of the necessary ports for VPN.  This way I believe you should still be able to access internet through the VPN, but all other adapters will be blocked.
0
 
LVL 77

Assisted Solution

by:Rob Williams
Rob Williams earned 150 total points
ID: 17972860
>>"force my traveling users to start the VPN before they log into a wireless (or wired) network"
Sounds a little impossible, in that they need an Internet connection to connect to the VPN. However, if you statically assigned the DNS server, in their TCP/IP properties, to be only your internal DNS server, they would not be able to browse the Internet or access any resource by DNS name, except through the VPN tunnel. To make doubly sure, force all traffic through the VPN tunnel by disabling split tunneling (usually is by default). On the Windows client, this is done on the VPN client by enabling "use default gateway on remote network".
Just a thought.
0
 
LVL 77

Expert Comment

by:Rob Williams
ID: 17982354
Thanks ericbruntjen. Cheers !
--Rob
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Suggested Courses
Course of the Month12 days, 18 hours left to enroll

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question