• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

VPN Question

I have a question about VPN's if I may, I know this will be a very easy question to answer for experts on the subject.

If I am on a computer that has Internet, and then I connect to a VPN (through a cisco or built in windows client), then does ALL of my network traffic automatically route through the VPN I am actively connected to? Are there exceptions? If all traffic routes through the VPN, am I correct in thinking you couldn't have two VPN connections (as you can only have one gateway?)

Thanks.
0
ouch_mybrain_
Asked:
ouch_mybrain_
6 Solutions
 
Ski_ManCommented:
Yep you are correct. As far as i'm aware there are no exceptions.
0
 
JohnBusiness Consultant (Owner)Commented:
>>>> then does ALL of my network traffic automatically route through the VPN I am actively connected to?

It depends on the VPN. With Microsoft VPN, yes. With IPSec VPN and split tunneling, no. Split tunneling routes internet traffic through the internet and company traffic through the VPN. I like IPSec better than PPTP and this is one of the reasons.

>>> am I correct in thinking you couldn't have two VPN connections  <-- to the same host?  I think you can only have one connection.

... Thinkpads_User
0
 
PapertripCommented:
If I am on a computer that has Internet, and then I connect to a VPN (through a cisco or built in windows client), then does ALL of my network traffic automatically route through the VPN I am actively connected to?

No, all that happens is routes are created for the VPN network and a new interface created to route them them through.  If your destination is not on one of those networks that is strictly for the VPN, then traffic will go out whatever interfaces it would as if the VPN was not connected.  Odds are the VPN is also going to set your name servers to ones for the VPN, so any DNS request you make could still be logged someplace on the other side of the VPN.

You can have 2 VPN's at once and all should work fine if the routes are setup properly and there is no overlap of routes/subnets between VPN networks.

All of this however is assuming that the person who setup your VPN didn't create some ridiculous routing policies that really does route all of your traffic over it, but that would be really really dumb... but possible.
0
Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

 
ZephyrTCCommented:
It really depends more on the configuration of the VPN you are accessing.  The destination site would have rules in place that will dictate which IP address range(s) that are sent through the VPN tunnel when you connect.  This can be just the corporate network, or it can be ALL addresses.  In some environments, VPN connectivity forces even internet traffic to be routed through the VPN and subsequently through the corporate internet connection for security reasons.

On your question about if you can connect two VPNs at one time, its not advisable.
0
 
csg-techCommented:
You can configure the Microsoft VPN client to do split tunneling. When configuring the Properties, on the Networking tab highlight Internet Protocol (TCP/IP) , click Properties, then Advanced. On the General tab, de-select "Use default gateway on remote network".
0
 
ouch_mybrain_Author Commented:
I suppose in order for me to prove what is and isn't running through the VPN connection, I could run a traceroute or a netstat? Or if not, is there a bit of software that can do this?
0
 
PapertripCommented:
Absolutely.

netstat -rn

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now