Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How do I route a website through a VPN tunnel?

Posted on 2008-10-14
7
Medium Priority
?
683 Views
Last Modified: 2012-08-14
Hello,
At my place of work we have an external website that we have a subscription to and it can be accessed by any computer within our internal network as our license is based on our external IP address. We have external offices that are connected by VPN tunnels that can not access this site as their external IPs are different from our main branch. What I would like to do is route all traffic to this site over the VPN tunnels to the main site and out the main sites firewall. Essentially tricking the website into thinking the request is coming from the main campus. I have all the routes added correctly and the tunnel shows up but the traffic does not go down the pipe as it should. In theory it should work but I have went wrong somewhere. Any ideas? Is the theory I have in my head a figment of my imagination? :P Thanks in advance!

Chris
0
Comment
Question by:cjensen24
  • 3
  • 3
7 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 22718078
are you able to change the default gateway on the new clients to reflect the internet access via the VPN tunnel trunk?
0
 

Author Comment

by:cjensen24
ID: 22718089
I am routing the IP of the external site through the tunnel as I don't want them surfing the web through these tunnels. I just want them accessing this website through the tunnel along with internal resources.
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 2000 total points
ID: 22719080
The theory is correct...

Can you just confirm that when running a traceroute using the hostname what happens - run the traceroute again using the IP and confirm the 2 are the same?

Can you also print the routing table on the clients and also on the VPN gateway...as this might give some clues.

Worst case scenario, by implementing a proxy at your office and configuring web clients to use that then that would alter the originator address to a permitted one..... You could get around the configuration by using one browser for general web access not using the proxy (eg. Firefox) and one browser for the other site (eg. Opera or IE).  A squid server would easily allow you to do this or you could set up a simple socks proxy using SSH...


0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 14

Expert Comment

by:Roachy1979
ID: 22719088
If you go down the second router (2 browsers, one for general web access and one for this site), then configuring a Socks proxy would be the easiest way to do this....just thought I'd add instuctions...

http://lifehacker.com/software/ssh/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy-237227.php

0
 

Author Comment

by:cjensen24
ID: 22723360
Thank you for your assistance. I am going to give the proxy server a try. It sounds like the best bet to make this work in our environment. I will give an update on the progress as soon as I get a chance to set it up.

Chris
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 22723947
No problem - if you need any help at all post back here....

Good luck :)
0
 

Author Comment

by:cjensen24
ID: 22833006
I am sorry I have not fully been able to test this solution as I have been dealing with spam filter issues and telephony issues. I will go ahead and close this question so that you can get credit for the answer as it is the only solution that can work. Thank you for all your assistance, I appreciate it!

Chris
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question