- Posts: 18
- Thank you received: 0
VPN
- westwindshelley
- Topic Author
- Offline
- New Member
In God we trust but for everything else we need data
Its not something i have tested so i cannot be 100% but it sounds plausable.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
- westwindshelley
- Topic Author
- Offline
- New Member
- Posts: 18
- Thank you received: 0
In God we trust but for everything else we need data
BUT i'm not sure I understand what your asking...
If the linksys router is sharing the internet connection between all the home users.. Then your OK.
BUT.
If one of the PC's is using Internet Connection sharing to share the connection there is a potential problem.
Easiest solution. make sure all the "home" users have there own IP address on the "home" network Then only the 1 with the VPN set up on his computer will have access.. Just get rid of MS Internet Connection Sharing all together.. there is no reason to use it if you have a router...( at least none I can think of)
- westwindshelley
- Topic Author
- Offline
- New Member
- Posts: 18
- Thank you received: 0
Scenario 1:- A remote user connected to a linksys router (with built in modem)...3 other users also connected to the same router. all the pc's get connected to the internet through the broadband router...user 1 also connects to his company's network through a vpn connection through the same router...the company network admn had installed a vpn client on his system. Now while installing the vpn client on his system the admn forgot to disable internet connection sharing. Now my question to you is that will the other 3 users also be able to get on to the company's network ?
Scenario 2:- A remote user connected to a broadband modem only...his system has 2 NIC's...with one NIC he gets connected to the internet....he also accesses his company's network through a vpn connection...the other NIC is connected to a hub...3 other users are connected to the same hub...internet connection sharing is enabled on the pc 1...the other 3 pc's share the internet connection...now my question to you is the same as asked before...will the other 3 users also be able to get on to the company's network ?
In God we trust but for everything else we need data
Scenario 1:- A remote user connected to a linksys router (with built in modem)...3 other users also connected to the same router. all the pc's get connected to the internet through the broadband router...user 1 also connects to his company's network through a vpn connection through the same router...the company network admn had installed a vpn client on his system. Now while installing the vpn client on his system the admn forgot to disable internet connection sharing. Now my question to you is that will the other 3 users also be able to get on to the company's network ?
I am not 100% sure on this one. The thing here is (not really played with ICS so others may be able to correct this), do you not need 2 NICs in order to setup ICS ? Your machine with the VPN software installed will have a single NIC that is on the same subnet as the other machines, I am not convinced that ICS will work because it needs to NAT traffic from one address to the other address (unless by the comment "With Built in Modem" you mean that it has a dail-up connection also in order to do the VPN).
Scenario 2:- A remote user connected to a broadband modem only...his system has 2 NIC's...with one NIC he gets connected to the internet....he also accesses his company's network through a vpn connection...the other NIC is connected to a hub...3 other users are connected to the same hub...internet connection sharing is enabled on the pc 1...the other 3 pc's share the internet connection...now my question to you is the same as asked before...will the other 3 users also be able to get on to the company's network ?
I would suspect that in this one, yes it would, the traffic would get routed through the machine and depending on split-tunnelling, they will go down the VPN or if its resources on the Internet, it may just get routed over the Internet via the ISP.
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.