Options

VPN Questions

About7NarwhalAbout7Narwhal Member Posts: 761
in Off-Topic
Few questions for you guys. But first a little background:


When I was an on-call tech, I was authorized to use my personal computer to access the company network by way of VPN. The issue this frequently caused was that I would have other things I wanted to do while on the company network which were against company policy (social networking, YouTube, online games, etc).


Now to the questions:
  • If I were to VPN via a VM but not the host, would my data still be secure?
  • If I VPN via a VM, what information would the server receive (MAC, OS, etc): The host or the VM information?
  • Lastly, is it possible to VPN via both the host and the VM? Advisable? (strictly security question, speed is not a factor)
Thanks for the help in advance.
· Share on FacebookShare on Twitter

Comments

  • Options
    GOZCUGOZCU Member Posts: 234
    your IP address and the name of the computer are known from the other side. It is also not hard to guess what is your operating system through your computer name. exp; admin.macbook can be a computer name ;)

    If you choose the option " Send all traffic over VPN", your traffic will be checked by the company's network firewall policy. If it is sth against to their firewall policy you may not reach to that application/web page...

    Lastly, VPN is a secure connection, especially L2TP.. highly encrypted...

    If you don't choose "Send all traffic over VPN" you may not reach the necessary resources that you should for your job.
    http://www.linkedin.com/in/esergozcu

    http://studentcodes.org/
    · Share on FacebookShare on Twitter
  • Options
    wes allenwes allen Member Posts: 540 ■■■■■□□□□□
    If your VPN doesn't allow for split tunneling, then running it via a VM would be a good idea. I used to do that on my Mac with VMware - VPN client on winxp VM to do work stuff, mail and browser on Mac to do other stuff.
    · Share on FacebookShare on Twitter
  • Options
    AhriakinAhriakin Member Posts: 1,799 ■■■■■■■■□□
    Bear in mind there are very good reasons that Split-Tunnelling is not common (your system becoming an active backdoor into the corporate network is a biggy). While there are ways around it you will be putting your corporate network at risk and presumably violating your acceptable use policy in the process.
    We responded to the Year 2000 issue with "Y2K" solutions...isn't this the kind of thinking that got us into trouble in the first place?
    · Share on FacebookShare on Twitter
  • Options
    phoeneousphoeneous Member Posts: 2,333 ■■■■■■■□□□
    Is split tunneling not a best practice for vpn?
    · Share on FacebookShare on Twitter
  • Options
    PurpleITPurpleIT Member Posts: 327
    That depends.

    Security wise, no, it generally is not considered a best practice, but if you add usability into the equation I would argue that changes quickly.

    A lot of the security issues can be addressed by other means; client inspection & remediation, ACLs, VPN DMZs, etc, but even then you are still not as secure as you would be if you didn't allow split tunneling.
    WGU - BS IT: ND&M | Start Date: 12/1/12, End Date 5/7/2013
    What next, what next...
    · Share on FacebookShare on Twitter
Sign In or Register to comment.