VPN - when connectd cant browse the web
I have a client who is now working from home. They have a synology NAS in the office so connect via vpn to the office. It works fie for some but not others.
They are 100% mac. The ip range at the office is on the 192.168.0.0 range. As is common so are soe of the staff on their home intenet connection.
We use TunnelBlick client of the ckient Macs to VPN in and that connects fine. Initially I was unable to connect to the server so I ticked the checkbox to pass all traffic through the VPN. They can then connect to the server no problem.
The problem is that when they are connected to the VPN they are unable to browse the internet. They have to disconnect the vpn and then they can browse fine.
What can I do to resolve this? Maybe the dublicate ip range at each end og the VPN is the issue but currently I am unable to get into the office to chnage the range to something else.
What can I do?
They are 100% mac. The ip range at the office is on the 192.168.0.0 range. As is common so are soe of the staff on their home intenet connection.
We use TunnelBlick client of the ckient Macs to VPN in and that connects fine. Initially I was unable to connect to the server so I ticked the checkbox to pass all traffic through the VPN. They can then connect to the server no problem.
The problem is that when they are connected to the VPN they are unable to browse the internet. They have to disconnect the vpn and then they can browse fine.
What can I do to resolve this? Maybe the dublicate ip range at each end og the VPN is the issue but currently I am unable to get into the office to chnage the range to something else.
What can I do?
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
After connecting, if you can't reach the Internet, it's likely that your setup has
A DNS problem and/or
A routing problem and/or
A problem with the VPN server
Tunnelblick includes the ability to diagnose some DNS problems and will warn you about some common configuration problems.
please refer to this link for details :https://tunnelblick.net/cConnectedBut.html#if-openvpn-is-connected-to-the-server-but-you-cant-access-the-internet
A DNS problem and/or
A routing problem and/or
A problem with the VPN server
Tunnelblick includes the ability to diagnose some DNS problems and will warn you about some common configuration problems.
please refer to this link for details :https://tunnelblick.net/cConnectedBut.html#if-openvpn-is-connected-to-the-server-but-you-cant-access-the-internet
The issue is that they are tunnelling everything to the office and that will block access outside of that connection.
So:
1. They continue to do as they are - probably not user friendly
2. Configure split tunnelling so traffic to the office goes over the VPN but anything else does not - this can have its issues and inadvertently broadcast internal network names to local DNS, allow apps to try and connect over the internet and worst case, lead to data leakage but it depends on what they are doing and what apps they are using locally - properly configured, it should not allow data leakage
3. Allow them to access the internet via your Office connection - you could implement a Proxy with content filtering and other controls to apply policies preventing them accessing inappropriate content when using work laptops or alternatively, your existing VPN termination may have this feature and it's just configuring and enabling it?
3 does have potential issues and should only be considered if there is sufficient bandwidth in/out of the office.
So:
1. They continue to do as they are - probably not user friendly
2. Configure split tunnelling so traffic to the office goes over the VPN but anything else does not - this can have its issues and inadvertently broadcast internal network names to local DNS, allow apps to try and connect over the internet and worst case, lead to data leakage but it depends on what they are doing and what apps they are using locally - properly configured, it should not allow data leakage
3. Allow them to access the internet via your Office connection - you could implement a Proxy with content filtering and other controls to apply policies preventing them accessing inappropriate content when using work laptops or alternatively, your existing VPN termination may have this feature and it's just configuring and enabling it?
3 does have potential issues and should only be considered if there is sufficient bandwidth in/out of the office.
You can install a client to use on the office on a VM (VirtualBox, VMware) and connect from that client. Then you host ( laptop/desktop) can continue to access the internet as you were used to do.
Networking
Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.
102K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
Open in new window
where X - address of your VPN server in office networkYou may have problems if home network is also 192.168.0.0