----- Original Message ----- From: "Eric Crist" <[EMAIL PROTECTED]>
To: "'Jonathan T. Sage'" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, August 17, 2004 8:48 PM
Subject: RE: [OT] VPN issues with some windows users...
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan T. Sage Sent: Tuesday, August 17, 2004 8:51 PM To: Eric Crist Cc: [EMAIL PROTECTED] Subject: Re: [OT] VPN issues with some windows users...
Eric Crist wrote:
> Hello all, > > I'm sorry this is a bit off-topic, but you're the only truly > knowledgable group I know. ;) Some fellow users and I have been > having some issues connecting to a Cisco VPN system with the built-in > windows VPN software. While successfully connected to the internet > (at home, for example), I connect to the remote VPN. Instantly, my > internet connectivity seems to be lost, but I can use the VPN > perfectly fine. As soon as I disconnect, my internet connectivity is > completely restored. I have a second VPN I connect to using V-One's > SmartPass software, and I have no issues (i.e. everything works > perfectly, including my 'net connection). > > Anyone have any ideas?
probably (although not definatally) is related to a misconfigured router on the cisco VPN not allowing internet traffic out. this might be intentional too. I run a very small vpn, and in order to keep connection times down (my user base is um.... well then) i have configured to not allow any traffic other than directly to the machine that hosts the vpn.
dunno if this helps much, but might give you a starting point.
Jonathan,
Thanks for the quick reply. I'm not trying to access the internet
through this VPN, I want to access the internet through my own internet
connection, and have only the VPN traffic try to use the VPN tunnel.
The SmartPass VPN connection resides just fine without interfering with
my connection. This is what I'm hoping for.
Does this make sense?
Thanks,
Eric F Crist Best Access Systems 11300 Rupp Dr. Burnsville, MN 55337 Phone: 952.894.3830 Cell: 612.998.3588 Fax: 952-894-1990
When I was using the Cisco VPN client to connect to our router as a terminator back in the olden days, there was an option for the security policy within the client software to totally disable access to non-secure networks while the client was active. I can't see Cisco changing that as time progressed.
There's also a couple of things to consider when working with the built in vpn software for Win2k and WinXP. Windows, when connected via builtin VPN, will connect with the remote network and provide a metric of 1 for that route and it will also be flagged as a default gateway (remote network of 0.0.0.0) , it becomes your best, lowest metric, route to the world by design. I would say, that one of your vpn connections is configured to allow your traffic to pass through it to the net whereas one is not. Since my remote vpn users need access to medical web sites due to the nature of thier specific jobs, I have to provide them a method of either adjusting the metric on their individual systems or configure to allow their web traffic to proceed as required. To me, it's easier for me to allow their traffic and filter it heavily than to allow remote users in other states administrative control over their network settings.
--
Micheal Patterson TSG Network Administration 405-917-0600
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"