Solved

How to bypass VPN and Proxy on one of two browsers

Posted on 2010-11-22
8
2,274 Views
Last Modified: 2012-05-10
Hi all,

I'm connecting to my company through Cisco VPN Client but and also I have to set up proxy on my browser to work on the intranet and on Microsoft Outlook.

Is there any way to bypass proxy and VPN through a second browser while I'm connected? Ex. Youtube is locked while on VPN. I want to work on Internet Explorer and Outlook through the VPN and Proxy, but also view YouTube on Chrome.

Should I use another network card? How?

Hardware: Sony Vaio
Software: Windows 7 Pro
0
Comment
Question by:gkarydis
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 2

Expert Comment

by:ksaiki
ID: 34187567
it works youtube browsing if you logoff the vpn client, right?

you might need to check cisco vpn client split tunnel setting.  what is the result of 'netstat -r' on your pc?
if all routes going to the tunnel setting on vpn gateway need to be changed.

0
 

Author Comment

by:gkarydis
ID: 34188022
Don't know how to check split tunnel setting. Can't find it on cisco vpn client.

'netstat -r' results:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.27     25
          0.0.0.0          0.0.0.0       172.21.2.1     172.21.2.215     21
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
       172.21.2.0    255.255.255.0         On-link      172.21.2.215    276
     172.21.2.215  255.255.255.255         On-link      172.21.2.215    276
     172.21.2.255  255.255.255.255         On-link      172.21.2.215    276
      192.168.1.0    255.255.255.0         On-link      192.168.1.27    281
      192.168.1.0    255.255.255.0       172.21.2.1     172.21.2.215    281
      192.168.1.1  255.255.255.255         On-link      192.168.1.27    100
     192.168.1.27  255.255.255.255         On-link      192.168.1.27    281
     192.168.1.27  255.255.255.255       172.21.2.1     172.21.2.215    281
    192.168.1.255  255.255.255.255         On-link      192.168.1.27    281
     212.205.87.2  255.255.255.255      192.168.1.1     192.168.1.27    100
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.27    281
        224.0.0.0        240.0.0.0         On-link      172.21.2.215    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.27    281
  255.255.255.255  255.255.255.255         On-link      172.21.2.215    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0    172.18.125.65  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 20     58 2001::/32                On-link
 20    306 2001:0:5ef5:79fd:6c:3842:53ea:fd28/128
                                    On-link
 11    281 fe80::/64                On-link
 13    276 fe80::/64                On-link
 20    306 fe80::/64                On-link
 20    306 fe80::6c:3842:53ea:fd28/128
                                    On-link
 11    281 fe80::8403:aece:401a:705f/128
                                    On-link
 13    276 fe80::d182:fa75:b696:a149/128
                                    On-link
  1    306 ff00::/8                 On-link
 20    306 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
 13    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
0
 
LVL 2

Expert Comment

by:ksaiki
ID: 34195431
which interface is cisco vpn client?
192.168.1.27    or
172.21.2.215
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:gkarydis
ID: 34195513
interface? you mean my ip address mentioned below? 172.21.2.xxx

If you mean my wifi's ip then

IPv4 Address. . . . . . . . . . . : 192.168.1.102
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1

sorry i'm not an expert :-p
0
 
LVL 2

Expert Comment

by:ksaiki
ID: 34195610
Hi

Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.27     25
          0.0.0.0          0.0.0.0       172.21.2.1     172.21.2.215     21

according to netstat -r result you have 2 interfaces one has 192.168.1.27 and the other one 172.21.2.215.
I don't see 192.168.1.102 on the result.

Can you gve me the result of 'ipconfig /all' ?

I assume your Cisco VPN clietn obtains IP 172.21.2.215 and metric ls lower so all trafic go to VPN tunnel.  If you change the metric of wifi interface of 192.168.1.xxx to eg. 20 all internet trafic does not go to the tunnle. You can change this at properties setting of TCP/IP - advanced - remove auto seting then set 20.


The split tunnel can be configured at VPN concentrator (or VPN gateway) not on your client end.


0
 

Author Comment

by:gkarydis
ID: 34195652
fyi I don't have a static IP



Windows IP Configuration

   Host Name . . . . . . . . . . . . : xxx
   Primary Dns Suffix  . . . . . . . : xxx
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : xxx

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ether
net Controller
   Physical Address. . . . . . . . . : xxx
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Physical Address. . . . . . . . . : xxx
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::8403:aece:401a:705f%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.27(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, 23 November 2010
   Lease Expires . . . . . . . . . . : Wednesday 24 November 2010
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 187466072
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-D5-B3-2A-2C-81-58-FC-41-AA

   DNS Servers . . . . . . . . . . . : 195.170.0.1
                                       195.170.2.2
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{63378EC1-ADDE-4327-872D-8616009BCA18}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:c51:32d3:3f57:fee4(Prefe
rred)
   Link-local IPv6 Address . . . . . : fe80::c51:32d3:3f57:fee4%20(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{502D4812-9BBC-4142-92B9-CF3157058086}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
0
 

Author Comment

by:gkarydis
ID: 34195691
I don't have access on the VPN concentrator (or VPN gateway)
0
 
LVL 2

Accepted Solution

by:
ksaiki earned 500 total points
ID: 34195721
Enabling plit tunnel on VPN gateway is ideal. You have certain remote network to access via tunnel and rest of them(internet) go to your wifi network.
If you don't have control of the VPN gateway this can not be done.
If you have control of DHCP server (maybe on Wifi Access point) you might be able to change the metric.
0

Featured Post

IoT Devices - Fast, Cheap or Secure…Pick Two

The IoT market is growing at a rapid pace and manufacturers are under pressure to quickly provide new products. Can you be sure that your devices do what they're supposed to do, while still being secure?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses
Course of the Month11 days, 13 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question