Solved

VPN Question

Posted on 2011-09-10
7
248 Views
Last Modified: 2012-05-12
I have a question about VPN's if I may, I know this will be a very easy question to answer for experts on the subject.

If I am on a computer that has Internet, and then I connect to a VPN (through a cisco or built in windows client), then does ALL of my network traffic automatically route through the VPN I am actively connected to? Are there exceptions? If all traffic routes through the VPN, am I correct in thinking you couldn't have two VPN connections (as you can only have one gateway?)

Thanks.
0
Comment
Question by:ouch_mybrain_
7 Comments
 
LVL 2

Accepted Solution

by:
Ski_Man earned 21 total points
ID: 36517391
Yep you are correct. As far as i'm aware there are no exceptions.
0
 
LVL 94

Assisted Solution

by:John Hurst
John Hurst earned 21 total points
ID: 36517392
>>>> then does ALL of my network traffic automatically route through the VPN I am actively connected to?

It depends on the VPN. With Microsoft VPN, yes. With IPSec VPN and split tunneling, no. Split tunneling routes internet traffic through the internet and company traffic through the VPN. I like IPSec better than PPTP and this is one of the reasons.

>>> am I correct in thinking you couldn't have two VPN connections  <-- to the same host?  I think you can only have one connection.

... Thinkpads_User
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 42 total points
ID: 36517396
If I am on a computer that has Internet, and then I connect to a VPN (through a cisco or built in windows client), then does ALL of my network traffic automatically route through the VPN I am actively connected to?

No, all that happens is routes are created for the VPN network and a new interface created to route them them through.  If your destination is not on one of those networks that is strictly for the VPN, then traffic will go out whatever interfaces it would as if the VPN was not connected.  Odds are the VPN is also going to set your name servers to ones for the VPN, so any DNS request you make could still be logged someplace on the other side of the VPN.

You can have 2 VPN's at once and all should work fine if the routes are setup properly and there is no overlap of routes/subnets between VPN networks.

All of this however is assuming that the person who setup your VPN didn't create some ridiculous routing policies that really does route all of your traffic over it, but that would be really really dumb... but possible.
0
Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

 
LVL 4

Assisted Solution

by:ZephyrTC
ZephyrTC earned 21 total points
ID: 36517412
It really depends more on the configuration of the VPN you are accessing.  The destination site would have rules in place that will dictate which IP address range(s) that are sent through the VPN tunnel when you connect.  This can be just the corporate network, or it can be ALL addresses.  In some environments, VPN connectivity forces even internet traffic to be routed through the VPN and subsequently through the corporate internet connection for security reasons.

On your question about if you can connect two VPNs at one time, its not advisable.
0
 

Assisted Solution

by:csg-tech
csg-tech earned 20 total points
ID: 36517444
You can configure the Microsoft VPN client to do split tunneling. When configuring the Properties, on the Networking tab highlight Internet Protocol (TCP/IP) , click Properties, then Advanced. On the General tab, de-select "Use default gateway on remote network".
0
 

Author Comment

by:ouch_mybrain_
ID: 36518303
I suppose in order for me to prove what is and isn't running through the VPN connection, I could run a traceroute or a netstat? Or if not, is there a bit of software that can do this?
0
 
LVL 21

Assisted Solution

by:Papertrip
Papertrip earned 42 total points
ID: 36518306
Absolutely.

netstat -rn

Open in new window

0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
sonicwall content filter on vpn 13 47
site - site VPN 3 42
VNC stopped working when I log off the PC connected via VPN 20 27
SBS2011 VPN users no longer connecting 4 32
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question