• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 189
  • Last Modified:

Sharing of a VPN connexion trough a Windows server

Hi Experts - I'm trying to achieve the following: Share a VPN connexion (Using CISCO VPN Client) from a Win Server 2003 having 2 network cards installed. (The Cisco Client creates a third network card which looks to be a virtual one)

SETUP: Network Card 1 connected to Internet Router, set to DHCP. Receives proper IP settings and able to connect to the internet. Activated the Internet Sharing on this Network Card
Network Card 2 connected to switch.
Clients computers configured with static IPs (for now) are setup and configured to use the server's Network Card 2 as a gateway, and connect properly to the internet.

RESULTS: When I connect the server to the corporate Cisco VPN, the clients machines are no longer able to browse the net, meaning that they are not using the VPN tunnel from the server. How can I get them in the tunnel?

This question is quite urgent as I have to get this setup going for a meeting to be held at an hotel. Thanks for your quick responses!
0
Francis_B
Asked:
Francis_B
  • 2
1 Solution
 
Rob WilliamsCommented:
The Cisco client has a built-in security feature protecting the remote network from local connections and the Internet, thus blocking the Internet access. There is nothing that can be done from your end. The Cisco admin at the remote site would have to enable split-tunneling for you to be able to have local/internet access while the VPN is connected, which can be done, but defeats the security.
0
 
Francis_BAuthor Commented:
I did try to change the transport to use TCP instead of UDP, and so far I am able to connect 10 clients from the same shared internet connection.  Its not exactly the same setup as my initial question, but should handle our needs for the hotel conference...Thanks for your input Rob!
0
 
wazoo9000Commented:
If i understand your question correctly, You have to enable the clients do split tunneling otherwise the client assumes that you want all traffic to travel down the tunnel.  If you want the clients to use the tunnel to access the internet you need to set up a default route on your cisco device to route to your gateway network card.  
0
 
Rob WilliamsCommented:
I object to deleting the question. Both wazoo9000 explained why this will not work.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now