Re: [OT] VPN issues with some windows users...

2004-08-17 Thread Jonathan T. Sage 

Eric Crist wrote:
Hello all,
I'm sorry this is a bit off-topic, but you're the only truly
knowledgable group I know. ;)  Some fellow users and I have been having
some issues connecting to a Cisco VPN system with the built-in windows
VPN software.  While successfully connected to the internet (at home,
for example), I connect to the remote VPN.  Instantly, my internet
connectivity seems to be lost, but I can use the VPN perfectly fine.  As
soon as I disconnect, my internet connectivity is completely restored.
I have a second VPN I connect to using V-One's SmartPass software, and I
have no issues (i.e. everything works perfectly, including my 'net
connection).
Anyone have any ideas?
probably (although not definatally) is related to a misconfigured router 
on the cisco VPN not allowing internet traffic out.  this might be 
intentional too.  I run a very small vpn, and in order to keep 
connection times down (my user base is um  well then) i have 
configured to not allow any traffic other than directly to the machine 
that hosts the vpn.

dunno if this helps much, but might give you a starting point.
~j
--
Jonathan T. Sage
Theatrical Lighting / Set Designer
Professional Web Design
He said he likes me, but he's not in-like with me.- Connie, King of 
the Hill

[HTTP://www.JTSage.com]
[HTTP://design.JTSage.com]
[EMAIL PROTECTED]
[See Headers for Contact Info]


signature.asc
Description: OpenPGP digital signature

RE: [OT] VPN issues with some windows users...

2004-08-17 Thread Eric Crist 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 Jonathan T. Sage
 Sent: Tuesday, August 17, 2004 8:51 PM
 To: Eric Crist
 Cc: [EMAIL PROTECTED]
 Subject: Re: [OT] VPN issues with some windows users...




 Eric Crist wrote:

  Hello all,
 
  I'm sorry this is a bit off-topic, but you're the only truly
  knowledgable group I know. ;)  Some fellow users and I have been
  having some issues connecting to a Cisco VPN system with
 the built-in
  windows VPN software.  While successfully connected to the internet
  (at home, for example), I connect to the remote VPN.  Instantly, my
  internet connectivity seems to be lost, but I can use the VPN
  perfectly fine.  As soon as I disconnect, my internet
 connectivity is
  completely restored. I have a second VPN I connect to using V-One's
  SmartPass software, and I have no issues (i.e. everything works
  perfectly, including my 'net connection).
 
  Anyone have any ideas?

 probably (although not definatally) is related to a
 misconfigured router
 on the cisco VPN not allowing internet traffic out.  this might be
 intentional too.  I run a very small vpn, and in order to keep
 connection times down (my user base is um  well then) i have
 configured to not allow any traffic other than directly to
 the machine
 that hosts the vpn.

 dunno if this helps much, but might give you a starting point.

Jonathan,

Thanks for the quick reply.  I'm not trying to access the internet
through this VPN, I want to access the internet through my own internet
connection, and have only the VPN traffic try to use the VPN tunnel.
The SmartPass VPN connection resides just fine without interfering with
my connection.  This is what I'm hoping for.

Does this make sense?

Thanks,



Eric F Crist
Best Access Systems
11300 Rupp Dr. Burnsville, MN 55337
Phone: 952.894.3830
Cell: 612.998.3588
Fax: 952-894-1990



___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: [OT] VPN issues with some windows users...

2004-08-17 Thread Jonathan T. Sage 

Eric Crist wrote:
Jonathan,
Thanks for the quick reply.  I'm not trying to access the internet
through this VPN, I want to access the internet through my own internet
connection, and have only the VPN traffic try to use the VPN tunnel.
The SmartPass VPN connection resides just fine without interfering with
my connection.  This is what I'm hoping for.
Does this make sense?
absolutly.  in this case, i *beleive* it should be an option to set up 
the routing table on your local machine to not change your default route 
when i connets (which i probably is doing), and only add direct routes 
to the vpn connection.  i know this is possible using a *nix vpn client, 
 as it is on macosx.  With a bit of work, or maybe a good bit of 
google, i'm sure at least xp can be coerced into this too.

hope this helps.
~j
--
Jonathan T. Sage
Theatrical Lighting / Set Designer
Professional Web Design
He said he likes me, but he's not in-like with me.- Connie, King of 
the Hill

[HTTP://www.JTSage.com]
[HTTP://design.JTSage.com]
[EMAIL PROTECTED]
[See Headers for Contact Info]


signature.asc
Description: OpenPGP digital signature

Re: [OT] VPN issues with some windows users...

2004-08-17 Thread Fernando Gleiser 
On Tue, 17 Aug 2004, Eric Crist wrote:

 Hello all,

 I'm sorry this is a bit off-topic, but you're the only truly
 knowledgable group I know. ;)  Some fellow users and I have been having
 some issues connecting to a Cisco VPN system with the built-in windows
 VPN software.  While successfully connected to the internet (at home,
 for example), I connect to the remote VPN.  Instantly, my internet
 connectivity seems to be lost, but I can use the VPN perfectly fine.  As
 soon as I disconnect, my internet connectivity is completely restored.
 I have a second VPN I connect to using V-One's SmartPass software, and I
 have no issues (i.e. everything works perfectly, including my 'net
 connection).


It's the VPN default configuration. By default, it tries to send everything
through the VPN.
There should be a checkbox somewhere which says send everything through
the tunnel or something like that. Try unchecking that.

Some other VPN clients (Cisco, for example) disalow all traffic other than
the VPN for security reasons. You shouldn't surf the net and use a
VPN to a corporate net at the same time, more so with a windows box ;)



Fer
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

RE: [OT] VPN issues with some windows users...

2004-08-17 Thread Eric Crist 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 Jonathan T. Sage
 Sent: Tuesday, August 17, 2004 8:58 PM
 To: Eric Crist
 Cc: [EMAIL PROTECTED]
 Subject: Re: [OT] VPN issues with some windows users...




 Eric Crist wrote:
 
  Jonathan,
 
  Thanks for the quick reply.  I'm not trying to access the internet
  through this VPN, I want to access the internet through my own
  internet connection, and have only the VPN traffic try to
 use the VPN
  tunnel. The SmartPass VPN connection resides just fine without
  interfering with my connection.  This is what I'm hoping for.
 
  Does this make sense?
 

 absolutly.  in this case, i *beleive* it should be an option
 to set up
 the routing table on your local machine to not change your
 default route
 when i connets (which i probably is doing), and only add
 direct routes
 to the vpn connection.  i know this is possible using a *nix
 vpn client,
   as it is on macosx.  With a bit of work, or maybe a good bit of
 google, i'm sure at least xp can be coerced into this too.

 hope this helps.

I've done an extreme amount of googling on this matter, and I do find
one entry, in particular, but it's a pay-service to obtain the solution.
I guess this isn't worth the $9.95/month for 12 months to me, so I was
hoping someone would have an answer. I guess I haven't checked out the
default route settings, but I'm sure that's what's going on.  Kinda
retarded how it's just changing things on me.

Thanks again,


Eric F Crist



___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: [OT] VPN issues with some windows users...

2004-08-17 Thread Bill Moran 
Eric Crist [EMAIL PROTECTED] wrote:
 Hello all,
 
 I'm sorry this is a bit off-topic, but you're the only truly
 knowledgable group I know. ;)  Some fellow users and I have been having
 some issues connecting to a Cisco VPN system with the built-in windows
 VPN software.  While successfully connected to the internet (at home,
 for example), I connect to the remote VPN.  Instantly, my internet
 connectivity seems to be lost, but I can use the VPN perfectly fine.  As
 soon as I disconnect, my internet connectivity is completely restored.
 I have a second VPN I connect to using V-One's SmartPass software, and I
 have no issues (i.e. everything works perfectly, including my 'net
 connection).

I think Fernando already answered well, but I just want to second this.

This is definatly a config on the client.  I dealt with this a few years
ago and we had to spend quite a few hours researching to figure out what
to change to fix it, but there was just one option hidden deep in a
cascade of dialog boxes that basically told the machine that it should
only use the VPN for traffic that needed the VPN.  Everything worked
fine after that.  The default is set to broken (figures).

Sorry I don't remember the exact config setting :(

-- 
Bill Moran
Potential Technologies
http://www.potentialtech.com
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: [OT] VPN issues with some windows users...

2004-08-17 Thread Micheal Patterson 

- Original Message - 
From: Eric Crist [EMAIL PROTECTED]
To: 'Jonathan T. Sage' [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, August 17, 2004 8:48 PM
Subject: RE: [OT] VPN issues with some windows users...


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Jonathan T. Sage
Sent: Tuesday, August 17, 2004 8:51 PM
To: Eric Crist
Cc: [EMAIL PROTECTED]
Subject: Re: [OT] VPN issues with some windows users...

Eric Crist wrote:
 Hello all,

 I'm sorry this is a bit off-topic, but you're the only truly
 knowledgable group I know. ;)  Some fellow users and I have been
 having some issues connecting to a Cisco VPN system with
the built-in
 windows VPN software.  While successfully connected to the internet
 (at home, for example), I connect to the remote VPN.  Instantly, my
 internet connectivity seems to be lost, but I can use the VPN
 perfectly fine.  As soon as I disconnect, my internet
connectivity is
 completely restored. I have a second VPN I connect to using V-One's
 SmartPass software, and I have no issues (i.e. everything works
 perfectly, including my 'net connection).

 Anyone have any ideas?
probably (although not definatally) is related to a
misconfigured router
on the cisco VPN not allowing internet traffic out.  this might be
intentional too.  I run a very small vpn, and in order to keep
connection times down (my user base is um  well then) i have
configured to not allow any traffic other than directly to
the machine
that hosts the vpn.
dunno if this helps much, but might give you a starting point.
Jonathan,
Thanks for the quick reply.  I'm not trying to access the internet
through this VPN, I want to access the internet through my own 
internet
connection, and have only the VPN traffic try to use the VPN tunnel.
The SmartPass VPN connection resides just fine without interfering 
with
my connection.  This is what I'm hoping for.

Does this make sense?
Thanks,

Eric F Crist
Best Access Systems
11300 Rupp Dr. Burnsville, MN 55337
Phone: 952.894.3830
Cell: 612.998.3588
Fax: 952-894-1990

When I was using the Cisco VPN client to connect to our router as a 
terminator back in the olden days, there was an option for the security 
policy within the client software to totally disable access to 
non-secure networks while the client was active. I can't see Cisco 
changing that as time progressed.

There's also a couple of things to consider when working with the built 
in vpn software for Win2k and WinXP. Windows, when connected via builtin 
VPN, will connect with the remote network and provide a metric of 1 for 
that route and it will also be flagged as a default gateway (remote 
network of 0.0.0.0) , it becomes your best, lowest metric, route to the 
world by design. I would say, that one of your vpn connections is 
configured to allow your traffic to pass through it to the net whereas 
one is not. Since my remote vpn users need access to medical web sites 
due to the nature of thier specific jobs, I have to provide them a 
method of either adjusting the metric on their individual systems or 
configure to allow their web traffic to proceed as required. To me, it's 
easier for me to allow their traffic and filter it heavily than to allow 
remote users in other states administrative control over their network 
settings.

--
Micheal Patterson
TSG Network Administration
405-917-0600
Confidentiality Notice:  This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]