Options
vpn access
mrbinary
Member Posts: 19 ■□□□□□□□□□
i noticed when at work i can't access certain sites while on vpn such as isohunt.com and other nsfw sites. however i noticed when i am on vpn and in this case i forgot to log off my works vpn and accidently browsed sites not suitable for work, i was able to.
at work we get a juniper netscreen message.
question is ? is it because when on vpn i am on a diff subnet then being a work and not being monitored?
i noticed when on vpn my ip is different from when i am on vpn and rdping into a local box?
can i get into trouble? they would know i am using a verizon isp ip address.
would they know my hostname? how bout my windows 7 logon ID?
thanks guys.
at work we get a juniper netscreen message.
question is ? is it because when on vpn i am on a diff subnet then being a work and not being monitored?
i noticed when on vpn my ip is different from when i am on vpn and rdping into a local box?
can i get into trouble? they would know i am using a verizon isp ip address.
would they know my hostname? how bout my windows 7 logon ID?
thanks guys.
Comments
-
OptionsLegacy User
Unregistered / Not Logged In Posts: 0 ■□□□□□□□□□
It really depends how the VPN was configured. If for example they configured split tunneling then the internet traffic goes through your personal ISP and only the traffic to access your companies resources will go through the tunnel. If they haven't said anything don't worry about it but make sure in the future you always disconnect the VPN connection before browsing just in case you feel Big Brother is monitoring your porno habits..hehe j/k.
-
Optionsmrbinary
Member Posts: 19 ■□□□□□□□□□
thanks for the reply. but is there something that can tip this off? like i looked at the dns servers for my local connection and they point to the work ones, so i dought they are using split tunnelling. they should to keep security at bay but i doubt this?
if i do a tracert on a packet and notice that its hitting their dns servers for say google.ca, would that be a way to find out how the vpn is setup? -
Options
RouteMyPacket
Member Posts: 1,104
Many variables could be configured, DAP, WebACLs, Split Tunneling to name a fewModularity and Design Simplicity:
Think of the 2:00 a.m. test—if you were awakened in the
middle of the night because of a network problem and had to figure out the
traffic flows in your network while you were half asleep, could you do it? -
Optionstheodoxa
Member Posts: 1,340 ■■■■□□□□□□
Start > run > cmd > route print
Look for a persistent route to 0.0.0.0. If there is only 0.0.0.0 and it points to your work VPN then its all probably going through the tunnel.R&S: CCENT → CCNA → CCNP → CCIE [ ]
Security: CCNA [ ]
Virtualization: VCA-DCV [ ] -
Optionsmrbinary
Member Posts: 19 ■□□□□□□□□□
below is my results of that route print. i see it has a static route below. does this mean they not using split tunneling? any reason as to why not? isn't that a security concern? what would be the pros/cons of doing that?
thanks. -
Optionstheodoxa
Member Posts: 1,340 ■■■■□□□□□□
below is my results of that route print. i see it has a static route below. does this mean they not using split tunneling? any reason as to why not? isn't that a security concern? what would be the pros/cons of doing that?
thanks.
Laziness is my guess. There's no really good reason I can think of not to use Split Tunneling other than for simplicity.R&S: CCENT → CCNA → CCNP → CCIE [ ]
Security: CCNA [ ]
Virtualization: VCA-DCV [ ] -
Optionseten
Member Posts: 67 ■■□□□□□□□□
I worked with companies where it was a requirement for all traffic to be tunneled to HQ for security reasons. Internet was also locked down for certain groups once connected to VPN.
-
Options
rowelld
Member Posts: 176
Doesn't sound like they are using split-tunneling if your web browsing traffic is being blocked while connected to the VPN. A reason they may do this is for example, you are working at a coffee shop and IT/Business Policy wants your web traffic to be secure - they will have it go through the VPN tunnel.Visit my blog: http://www.packet6.com - I'm on the CWNE journey!
