Solved

How to bypass VPN and Proxy on one of two browsers

Posted on 2010-11-22
8
2,104 Views
Last Modified: 2012-05-10
Hi all,

I'm connecting to my company through Cisco VPN Client but and also I have to set up proxy on my browser to work on the intranet and on Microsoft Outlook.

Is there any way to bypass proxy and VPN through a second browser while I'm connected? Ex. Youtube is locked while on VPN. I want to work on Internet Explorer and Outlook through the VPN and Proxy, but also view YouTube on Chrome.

Should I use another network card? How?

Hardware: Sony Vaio
Software: Windows 7 Pro
0
Comment
Question by:gkarydis
  • 4
  • 4
8 Comments
 
LVL 2

Expert Comment

by:ksaiki
ID: 34187567
it works youtube browsing if you logoff the vpn client, right?

you might need to check cisco vpn client split tunnel setting.  what is the result of 'netstat -r' on your pc?
if all routes going to the tunnel setting on vpn gateway need to be changed.

0
 

Author Comment

by:gkarydis
ID: 34188022
Don't know how to check split tunnel setting. Can't find it on cisco vpn client.

'netstat -r' results:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.27     25
          0.0.0.0          0.0.0.0       172.21.2.1     172.21.2.215     21
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
       172.21.2.0    255.255.255.0         On-link      172.21.2.215    276
     172.21.2.215  255.255.255.255         On-link      172.21.2.215    276
     172.21.2.255  255.255.255.255         On-link      172.21.2.215    276
      192.168.1.0    255.255.255.0         On-link      192.168.1.27    281
      192.168.1.0    255.255.255.0       172.21.2.1     172.21.2.215    281
      192.168.1.1  255.255.255.255         On-link      192.168.1.27    100
     192.168.1.27  255.255.255.255         On-link      192.168.1.27    281
     192.168.1.27  255.255.255.255       172.21.2.1     172.21.2.215    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.27    281
     212.205.87.2  255.255.255.255      192.168.1.1     192.168.1.27    100
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.27    281
        224.0.0.0        240.0.0.0         On-link      172.21.2.215    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.27    281
  255.255.255.255  255.255.255.255         On-link      172.21.2.215    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    172.18.125.65  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 20     58 2001::/32                On-link
 20    306 2001:0:5ef5:79fd:6c:3842:53ea:fd28/128
                                    On-link
 11    281 fe80::/64                On-link
 13    276 fe80::/64                On-link
 20    306 fe80::/64                On-link
 20    306 fe80::6c:3842:53ea:fd28/128
                                    On-link
 11    281 fe80::8403:aece:401a:705f/128
                                    On-link
 13    276 fe80::d182:fa75:b696:a149/128
                                    On-link
  1    306 ff00::/8                 On-link
 20    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
0
 
LVL 2

Expert Comment

by:ksaiki
ID: 34195431
which interface is cisco vpn client?
192.168.1.27    or
172.21.2.215
0
 

Author Comment

by:gkarydis
ID: 34195513
interface? you mean my ip address mentioned below? 172.21.2.xxx

If you mean my wifi's ip then

IPv4 Address. . . . . . . . . . . : 192.168.1.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

sorry i'm not an expert :-p
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 2

Expert Comment

by:ksaiki
ID: 34195610
Hi

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.27     25
          0.0.0.0          0.0.0.0       172.21.2.1     172.21.2.215     21

according to netstat -r result you have 2 interfaces one has 192.168.1.27 and the other one 172.21.2.215.
I don't see 192.168.1.102 on the result.

Can you gve me the result of 'ipconfig /all' ?

I assume your Cisco VPN clietn obtains IP 172.21.2.215 and metric ls lower so all trafic go to VPN tunnel.  If you change the metric of wifi interface of 192.168.1.xxx to eg. 20 all internet trafic does not go to the tunnle. You can change this at properties setting of TCP/IP - advanced - remove auto seting then set 20.


The split tunnel can be configured at VPN concentrator (or VPN gateway) not on your client end.


0
 

Author Comment

by:gkarydis
ID: 34195652
fyi I don't have a static IP



Windows IP Configuration

   Host Name . . . . . . . . . . . . : xxx
   Primary Dns Suffix  . . . . . . . : xxx
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : xxx

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ether
net Controller
   Physical Address. . . . . . . . . : xxx
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : xxx
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8403:aece:401a:705f%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.27(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, 23 November 2010
   Lease Expires . . . . . . . . . . : Wednesday 24 November 2010
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 187466072
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-D5-B3-2A-2C-81-58-FC-41-AA

   DNS Servers . . . . . . . . . . . : 195.170.0.1
                                       195.170.2.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{63378EC1-ADDE-4327-872D-8616009BCA18}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c51:32d3:3f57:fee4(Prefe
rred)
   Link-local IPv6 Address . . . . . : fe80::c51:32d3:3f57:fee4%20(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{502D4812-9BBC-4142-92B9-CF3157058086}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
0
 

Author Comment

by:gkarydis
ID: 34195691
I don't have access on the VPN concentrator (or VPN gateway)
0
 
LVL 2

Accepted Solution

by:
ksaiki earned 500 total points
ID: 34195721
Enabling plit tunnel on VPN gateway is ideal. You have certain remote network to access via tunnel and rest of them(internet) go to your wifi network.
If you don't have control of the VPN gateway this can not be done.
If you have control of DHCP server (maybe on Wifi Access point) you might be able to change the metric.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now