vpn access

i noticed when at work i can't access certain sites while on vpn such as isohunt.com and other nsfw sites. however i noticed when i am on vpn and in this case i forgot to log off my works vpn and accidently browsed sites not suitable for work, i was able to.

at work we get a juniper netscreen message.

question is ? is it because when on vpn i am on a diff subnet then being a work and not being monitored?

i noticed when on vpn my ip is different from when i am on vpn and rdping into a local box?

can i get into trouble? they would know i am using a verizon isp ip address.

would they know my hostname? how bout my windows 7 logon ID?

thanks guys.

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

Legacy User

It really depends how the VPN was configured. If for example they configured split tunneling then the internet traffic goes through your personal ISP and only the traffic to access your companies resources will go through the tunnel. If they haven't said anything don't worry about it but make sure in the future you always disconnect the VPN connection before browsing just in case you feel Big Brother is monitoring your porno habits..hehe j/k.

mrbinary

thanks for the reply. but is there something that can tip this off? like i looked at the dns servers for my local connection and they point to the work ones, so i dought they are using split tunnelling. they should to keep security at bay but i doubt this?

if i do a tracert on a packet and notice that its hitting their dns servers for say google.ca, would that be a way to find out how the vpn is setup?

RouteMyPacket

Many variables could be configured, DAP, WebACLs, Split Tunneling to name a few

theodoxa

Start > run > cmd > route print

Look for a persistent route to 0.0.0.0. If there is only 0.0.0.0 and it points to your work VPN then its all probably going through the tunnel.

mrbinary

below is my results of that route print. i see it has a static route below. does this mean they not using split tunneling? any reason as to why not? isn't that a security concern? what would be the pros/cons of doing that?

thanks.

Capture.jpg

theodoxa

mrbinary wrote: »

below is my results of that route print. i see it has a static route below. does this mean they not using split tunneling? any reason as to why not? isn't that a security concern? what would be the pros/cons of doing that?

thanks.

Laziness is my guess. There's no really good reason I can think of not to use Split Tunneling other than for simplicity.

eten

I worked with companies where it was a requirement for all traffic to be tunneled to HQ for security reasons. Internet was also locked down for certain groups once connected to VPN.

rowelld

Doesn't sound like they are using split-tunneling if your web browsing traffic is being blocked while connected to the VPN. A reason they may do this is for example, you are working at a coffee shop and IT/Business Policy wants your web traffic to be secure - they will have it go through the VPN tunnel.