Solved

Juniper Network Connect block access to LAN

Posted on 2011-03-01
8
2,924 Views
Last Modified: 2012-08-14
I´m using Juniper Network Connect, and connection to VPN is good, but it adds automaticaly routes to manage all trafic through Network Connect Adapter. It affects the connection to my LAN, so, when i use the VPN i´m not able to connect with other computers or server in my LAN.

I read about changing metric on Network COnnect Adapter, but i´m not able to see it on Network Connections Windows. SO is WIndows XP SP3

Thanks in advance.
0
Comment
Question by:fresnillo
8 Comments
 
LVL 6

Expert Comment

by:alienXeno
ID: 35014465
You can configure split tunneling  under NC options for the user roles on the Juniper SA to solve this problem.


0
 

Author Comment

by:fresnillo
ID: 35014639
Sorry, i didn´t explain all detail.

The VPN is used to support services to my company´s client, but when i connect to do that, i lose aly other connection to internet, email and internal application.

Of course, i´m not able to modify VPN policies, that´s why i´m loking for other option.
0
 
LVL 69

Expert Comment

by:Qlemo
ID: 35015289
Usually that is is intentionally set by the remote IT folks. Only if they are not capable of changing the split tunneling setting in the SA you should think about circumventing it:

Create two less general routes for default gateway:
   route add -p 0.0.0.0 mask 128.0.0.0 «yourgatewayhere»
   route add -p 128.0.0.0 mask 128.0.0.0 «yourgatewayhere»

That should allow to Internet traffic again, if Network Connect is not intercepting the traffic via a filter driver (didn't test that - do have split tunneling only to our clients).
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 69

Expert Comment

by:Qlemo
ID: 35015296
The above can only help with the Internet issue. You might need to use a similar approach for your LAN.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 35016945
Modifying the local routing table will only work if "route monitoring" is not enabled on the SA side.  If it is enabled (most likely), Network Connect will disconnect the session once you modify the routing table.  Really the only way around the "policy" would be to have a conversation with the SA admin to make an exception for you if deemed necessary.
0
 

Author Comment

by:fresnillo
ID: 35018472
Yes, i have already try changing the routes manually, but Network Connect detects that and drops the connection.

It´s strange, but i have a laptop with Windows7 Pro, using the same version of Network Connect. On that laptop i´m able to work with LAN when i use wireless connection, if I use wired connection it didn´t work. As if when it´s connected by wireless it ignores routes assigned by Network Connect.

I try tha same on WinXP, adding a wireless card. but in this case, Network Connect affects both connections.

I suppose WIn7 behavior has a bug, that in this case helps me, but i´m looking to make it works on WinXP.
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 35018983
It is intentionally, so you should not try to work around it. The only "legal" approach is to use it in a Virtual Machine you then have to access via the integrated remote control tools (MS VPC: RDP, VMWare: VIX or Web Browser plug-in).
0
 

Author Closing Comment

by:fresnillo
ID: 35074768
I used Virtual PC to be able to do that
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Claiming a Domain Name 7 40
winscp 000webhost.com 6 53
DMVPN Spoke Connectivity Issue 1 25
NAT Public IP through a VPN 17 41
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question