Solved

How do I route a website through a VPN tunnel?

Posted on 2008-10-14
7
680 Views
Last Modified: 2012-08-14
Hello,
At my place of work we have an external website that we have a subscription to and it can be accessed by any computer within our internal network as our license is based on our external IP address. We have external offices that are connected by VPN tunnels that can not access this site as their external IPs are different from our main branch. What I would like to do is route all traffic to this site over the VPN tunnels to the main site and out the main sites firewall. Essentially tricking the website into thinking the request is coming from the main campus. I have all the routes added correctly and the tunnel shows up but the traffic does not go down the pipe as it should. In theory it should work but I have went wrong somewhere. Any ideas? Is the theory I have in my head a figment of my imagination? :P Thanks in advance!

Chris
0
Comment
Question by:cjensen24
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 23

Expert Comment

by:debuggerau
ID: 22718078
are you able to change the default gateway on the new clients to reflect the internet access via the VPN tunnel trunk?
0
 

Author Comment

by:cjensen24
ID: 22718089
I am routing the IP of the external site through the tunnel as I don't want them surfing the web through these tunnels. I just want them accessing this website through the tunnel along with internal resources.
0
 
LVL 14

Accepted Solution

by:
Roachy1979 earned 500 total points
ID: 22719080
The theory is correct...

Can you just confirm that when running a traceroute using the hostname what happens - run the traceroute again using the IP and confirm the 2 are the same?

Can you also print the routing table on the clients and also on the VPN gateway...as this might give some clues.

Worst case scenario, by implementing a proxy at your office and configuring web clients to use that then that would alter the originator address to a permitted one..... You could get around the configuration by using one browser for general web access not using the proxy (eg. Firefox) and one browser for the other site (eg. Opera or IE).  A squid server would easily allow you to do this or you could set up a simple socks proxy using SSH...


0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Expert Comment

by:Roachy1979
ID: 22719088
If you go down the second router (2 browsers, one for general web access and one for this site), then configuring a Socks proxy would be the easiest way to do this....just thought I'd add instuctions...

http://lifehacker.com/software/ssh/geek-to-live--encrypt-your-web-browsing-session-with-an-ssh-socks-proxy-237227.php

0
 

Author Comment

by:cjensen24
ID: 22723360
Thank you for your assistance. I am going to give the proxy server a try. It sounds like the best bet to make this work in our environment. I will give an update on the progress as soon as I get a chance to set it up.

Chris
0
 
LVL 14

Expert Comment

by:Roachy1979
ID: 22723947
No problem - if you need any help at all post back here....

Good luck :)
0
 

Author Comment

by:cjensen24
ID: 22833006
I am sorry I have not fully been able to test this solution as I have been dealing with spam filter issues and telephony issues. I will go ahead and close this question so that you can get credit for the answer as it is the only solution that can work. Thank you for all your assistance, I appreciate it!

Chris
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question