Solved

How do I route a website through a VPN tunnel?

Posted on 2008-10-14
7
678 Views
Last Modified: 2012-08-14
Hello,
At my place of work we have an external website that we have a subscription to and it can be accessed by any computer within our internal network as our license is based on our external IP address. We have external offices that are connected by VPN tunnels that can not access this site as their external IPs are different from our main branch. What I would like to do is route all traffic to this site over the VPN tunnels to the main site and out the main sites firewall. Essentially tricking the website into thinking the request is coming from the main campus. I have all the routes added correctly and the tunnel shows up but the traffic does not go down the pipe as it should. In theory it should work but I have went wrong somewhere. Any ideas? Is the theory I have in my head a figment of my imagination? :P Thanks in advance!

Chris
0
Comment
Question by:cjensen24
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 22718078
are you able to change the default gateway on the new clients to reflect the internet access via the VPN tunnel trunk?
0
 

Author Comment

by:cjensen24
ID: 22718089
I am routing the IP of the external site through the tunnel as I don't want them surfing the web through these tunnels. I just want them accessing this website through the tunnel along with internal resources.
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 500 total points
ID: 22719080
The theory is correct...

Can you just confirm that when running a traceroute using the hostname what happens - run the traceroute again using the IP and confirm the 2 are the same?

Can you also print the routing table on the clients and also on the VPN gateway...as this might give some clues.

Worst case scenario, by implementing a proxy at your office and configuring web clients to use that then that would alter the originator address to a permitted one..... You could get around the configuration by using one browser for general web access not using the proxy (eg. Firefox) and one browser for the other site (eg. Opera or IE).  A squid server would easily allow you to do this or you could set up a simple socks proxy using SSH...


0
Webinar June 1st - Attacking Ransomware  

The global cyberattack that corrupted hundreds of thousands of computer systems on May 12th had a face, name, & price tag that we’ve seen all too often in recent years: Ransomware. With the stakes – and costs – of a ransomware attack higher than ever, is your business prepared ?

 
LVL 14

Expert Comment

by:Roachy1979
ID: 22719088
If you go down the second router (2 browsers, one for general web access and one for this site), then configuring a Socks proxy would be the easiest way to do this....just thought I'd add instuctions...

http://lifehacker.com/software/ssh/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy-237227.php

0
 

Author Comment

by:cjensen24
ID: 22723360
Thank you for your assistance. I am going to give the proxy server a try. It sounds like the best bet to make this work in our environment. I will give an update on the progress as soon as I get a chance to set it up.

Chris
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 22723947
No problem - if you need any help at all post back here....

Good luck :)
0
 

Author Comment

by:cjensen24
ID: 22833006
I am sorry I have not fully been able to test this solution as I have been dealing with spam filter issues and telephony issues. I will go ahead and close this question so that you can get credit for the answer as it is the only solution that can work. Thank you for all your assistance, I appreciate it!

Chris
0

Featured Post

Defend Your Organization from The Greatest Threats

Looking to fill the gaps in your security? Bring together information from the network, endpoint and threat intelligence feeds to really see what's happening in your organization. Join the WatchGuardians in their adventures fighting cyber crime!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some of you may have heard that SonicWALL has finally released an app for iOS devices giving us long awaited connectivity for our iPhone's, iPod's, and iPad's. This guide is just a quick rundown on how to get up and running quickly using the app. …
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question